Posted on
in Presentations
Visibility is the core component in any SOC, from continual monitoring to incident response. While having a simple interface helps to display data, sometimes advanced hunting requires moving beyond the interface and delving into data that’s likely never been documented. This presentation will focus on building a better understanding of environments and hunting for unknown threats that lie within.
Learning Objectives:
1: Learn about blueprint networks using native operating system tools and osquery.
2: Learn how to reduce SOC fatigue by automating regular but critical tasks.
3: Learn to hunt using properly collected and organized data.
Pre-Requisites:
Linux, Windows command line; ELK stack configuration, administration (or equivalent technology, i.e., Splunk); networking basics; networking configuration/engineering; software deployment; programming.
Learning Objectives:
1: Learn about blueprint networks using native operating system tools and osquery.
2: Learn how to reduce SOC fatigue by automating regular but critical tasks.
3: Learn to hunt using properly collected and organized data.
Pre-Requisites:
Linux, Windows command line; ELK stack configuration, administration (or equivalent technology, i.e., Splunk); networking basics; networking configuration/engineering; software deployment; programming.
Share With Your Community