Analyze Network Event Activity Data with Elasticsearch

سرفصل های دوره

As our infrastructures grow, the quality of our data from these devices is becoming critical to cyber operations. This course will teach you how to ingest and use network event and telemetry data for threat hunting operations.

Exercise Files

analyze-network-event-activity-data-elasticsearch.zip

Module 1 - Course Overview

1. Course Overview

Module 2 - Exploring Network Telemetry and Event Data

1. Analyze Network Event Activity Data with Elasticsearch

2. Demo - Network Technology Component Setup

3. Demo - Exploring the Network Event Data

4. Demo - Configuring Anomaly Detections

5. Demo - Configuring Basic Security Alerts

Module 3 - Analyzing Netflow with Elasticsearch

1. Discovering the Capabilities of NetFlow

2. Demo - Configuring NetFlow Collection

3. Demo - Exporting NetFlow From Network Devices

4. Additional NetFlow Configuration From Network Devices

5. Demo - Viewing NetFlow Visualizations in Kibana

6. Demo - Using NetFlow for Threat Detection

7. Using NetFlow in the Enterprise

Module 4 - Using IDS Events for Threat Detection

1. Using IDS Telemetry for Threat Hunting

2. Demo - Exploring Zeek's Event Data

3. Demo - Exploring Zeek's Event Data

4. Demo - Identifying Adversary Techniques from IDS Telemetry

5. Demo - Identifying Adversary Techniques from IDS Telemetry

Module 5 - Using Network Application Data for Anomaly Detection

1. Discussing Application Anomalies

2. Demo - Exploring Application Data

3. Demo - Configuring Additional Application Data Context

4. Demo - Using Application Data for Threat Detection

5. Demo - Additional Threat Detection with Application Data

Module 6 - Correlating Network Telemetry for Threat Detection

1. Discussing Event Correlation

2. Demo - Installing and Using Auditbeat

3. Demo - Correlating Auditbeat with Network Traffic

4. Demo - Correlating Network Events and Telemetry

5. Reviewing Network Event Analysis

6. Additional Resources for Network Event Analysis

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight