Standardizer - A Standardization Framework for Your Security Alerts
Offered By: YouTube
Course Description
Overview
Explore a standardization framework for security alerts in this conference talk from Circle City Con 2019. Learn about the Standardizer tool, which addresses common problems in alert management. Discover how to implement standardized emergency response metadata, create feedback loops, and handle core data effectively. Dive into topics such as short name linting failures, valid tactics, spawn queries, and transformations. Gain insights on secondary operations, Confluence integration, search stanzas, and the CI process. Watch a demonstration of custom issue types, issue keys, data sources, and extended responses. Understand how to leverage Bitbucket, Splunk, and other tools to improve your security alert workflow.
Syllabus
Intro
Welcome
Background
Problems
Bitbucket
Splunk
Summary
Standardized ER
Metadata
Feedback loop
Deeper souptonuts
Core data
Short name
linting failures
valid tactic
spawn query
transformations
Secondary operations
confluence
Search stanzas
PR links
CI process
Application
Demo
Custom issue type
Issue Key
Data Source
Issue Summary
Repos
Extended Response
Spunk
Conflict parser
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube