
SIEM Rule Creation Made Easy! Praeco/Elastalert and SIGMA 

Taylor Walton
11K views

Join me as we incorporate SIGMA and Praeco to add more detection and alerting to your SIEM stack!
Blog Post: / part-12-sigma-rules-fo...
🚩 CTF Challenge: ctf.socfortres...
📩 Contact Me: taylor.walton@socfortress.co
ℹ️ LinkedIn: / socfortressmdr
🧾 Our Blog: / socfortress
☕ Buy Me A Coffee: bit.ly/3woh21M
🚀 Security Operations Center as a Service: www.socfortres...
✅ Free For Life Tier: www.socfortres...
👨🏻‍💻 Professional Services: www.socfortres...
👾 Discord Channel: / discord
Series Playlist: • World's Best SIEM Stack

Published: 2 Oct 2024

Comments: 9

@sg0luc, 1 month ago
Howdy! First of all, congrats for this wonderful content. I have a question: is it possible to run only the Praeco instance, assuming that I already use ElastAlert? Thank you so much!
@SomerRabee, 4 months ago
Awesome video. Could you please share with us another awesome video on how to make Praeco v1.8.19 (latest) perfectly work with OpenSearch 2.8, and if not, please provide us with an idea or suggestion. Thanks a lot.
@xinghe3780, 1 year ago
How to integrate Sigma rules into Wazuh, bro? This video doesn't show us how to.
@aminehadjamar689, 1 year ago
Hi Taylor, thank you for your wonderful content. I've been following this series since the beginning, but it seems to me that there are a lot of products that need to be linked together, especially since they are open source, which makes controlling them a bit difficult. I prefer to rely on Wazuh with the addition of one or two products just to compensate for Wazuh's deficiencies.
@muneebalamkhan5036, 1 year ago
Hey!! I was going through one of your videos, "Identifying Malware with VirusTotal and Wazuh - Let's Deploy a Host Intrusion Detection System #6". Just want to tell you that my VirusTotal integrations are generating alerts in /var/ossec/logs/integration.log, but the same alerts are not being shown in the Wazuh manager (dashboard). Please note I have already configured my agent ossec.conf syscheck block like this: C:\Users\abc\Desktop no. Please help me resolve this issue. Thanks!!
@RozzClips, 11 months ago
Taylor, you're the best, buddy. Thanks a lot for sharing advanced blue team skills.
@lucasvalentelima7331, 1 year ago
AWESOME!!!👏
@577Pradeep, 1 year ago
Nice tutorial. I hope Praeco will be available for Splunk.