Constructing Your Playbook within Security Onion
Offered By: Security Onion via YouTube
Course Description
Overview
Explore the process of building an effective security playbook within Security Onion in this conference talk from Security Onion Conference 2019. Learn how to integrate host data, manage sensitive shared resources, and import detections. Discover techniques for creating templates, executing queries, and pivoting through data. Gain insights into leveraging Elasticsearch for enhanced security monitoring and response capabilities. Equip yourself with practical knowledge to construct a robust playbook tailored to your organization's security needs using Security Onion's powerful features.
Syllabus
Intro
Integration with host data
Sensitive shared resources
The PlayBook
Importing Detections
Templates
Query
Pivot
Elasticsearch
Taught by
Security Onion
Related Courses
Network Security Monitoring (NSM) with Security Onion (Pluralsight)
Network Security Analysis Using Wireshark, Snort, and SO (Udemy)
Extensions, Frameworks, & Integrations Used with Zeek (Pluralsight)
Security Onion (Cybrary)
Enterprise Security Monitoring - Seeing Clearly with Security Onion - Wes Lambert (YouTube)