Standardizer - A Standardization Framework for Your Security Alerts
Offered By: YouTube
Course Description
Overview
Explore a standardization framework for security alerts in this conference talk from Circle City Con 2019. Learn about the Standardizer tool, which addresses common problems in alert management. Discover how to implement standardized emergency response metadata, create feedback loops, and handle core data effectively. Dive into topics such as short name linting failures, valid tactics, spawn queries, and transformations. Gain insights on secondary operations, Confluence integration, search stanzas, and the CI process. Watch a demonstration of custom issue types, issue keys, data sources, and extended responses. Understand how to leverage Bitbucket, Splunk, and other tools to improve your security alert workflow.
Syllabus
Intro
Welcome
Background
Problems
Bitbucket
Splunk
Summary
Standardized ER
Metadata
Feedback loop
Deeper souptonuts
Core data
Short name
linting failures
valid tactic
spawn query
transformations
Secondary operations
confluence
Search stanzas
PR links
CI process
Application
Demo
Custom issue type
Issue Key
Data Source
Issue Summary
Repos
Extended Response
Spunk
Conflict parser
Related Courses
Metadata: Organizing and Discovering InformationThe University of North Carolina at Chapel Hill via Coursera Gérer les documents numériques : maîtriser les risques
CNAM via France Université Numerique Research Data Management and Sharing
The University of North Carolina at Chapel Hill via Coursera SharePoint Enterprise Content Management
Microsoft via edX Configuration Management on Google Cloud Platform
Google via Coursera