Constructing Your Playbook within Security Onion
Offered By: Security Onion via YouTube
Course Description
Overview
Explore the process of building an effective security playbook within Security Onion in this conference talk from Security Onion Conference 2019. Learn how to integrate host data, manage sensitive shared resources, and import detections. Discover techniques for creating templates, executing queries, and pivoting through data. Gain insights into leveraging Elastic Search for enhanced security monitoring and response capabilities. Equip yourself with practical knowledge to construct a robust playbook tailored to your organization's security needs using Security Onion's powerful features.
Syllabus
Intro
Integration with host data
Sensitive shared resources
The PlayBook
Importing Detections
Templates
Query
Pivot
Elastic Search
Taught by
Security Onion
Related Courses
Palo Alto Networks CybersecurityPalo Alto Networks via Coursera (ISC)² Systems Security Certified Practitioner (SSCP)
(ISC)² via Coursera CompTIA Security+ (SY0-701) Complete Course & Exam
Udemy SSCP®: Monitoring and Analysis & Risk, Response, and Recovery (2012 Objectives)
Pluralsight SSCP®: Security Operations and Administration
Pluralsight