Session Brief

This session was co-presented by two speakers.

The first part, by Wasim Halani, covered fundamentals, threat hunting approaches, an Elastic Stack primer (Elasticsearch, Logstash, Kibana, Beats), core concepts (nodes and clusters, indices and shards, documents, fields, Logstash), Logstash (configuration, plugins), Grok (basics, example), Kibana (examples), Filebeat, Winlogbeat, a demo (investigating logs, creating visualizations, analysing data), and a use case.

The second part, by Shomiron Das Gupta, covered the open source side of threat hunting: triggers for a threat hunt, analytics (tools and techniques), phases in the threat management life cycle, the ATT&CK Navigator (MITRE, Deep Panda, Lazarus Group), inferencing (forward/reverse), building playbooks for a standard threat hunt, and more.

About the Speakers

Wasim Halani (Head Security Innovation & Research, NII Consulting)

Shomiron Das Gupta (CTO, Netmonastery)
