Phish Fights and Not So Long Nights - Integrating Security Onion and Sublime Platform

Explore the integration of Security Onion and Sublime Platform in this 46-minute presentation featuring Wes Lambert and Josh Kamdjou. Learn how to effectively triage Sublime email alerts within Security Onion, streamlining incident response and reducing threat identification time. Discover techniques for pivoting to Sublime for in-depth investigation of suspicious emails, extracting valuable context and indicators. Understand how to enrich and correlate Sublime alerts with various Security Onion data sources, including Zeek HTTP/DNS/TLS records, Suricata alerts, and full PCAP. Gain insights into creating a comprehensive defense against email-based attacks by combining Security Onion's robust capabilities with Sublime Platform's innovative approach to email security.

Phish Fights and Not So Long Nights with Security Onion and Sublime Platform