Title: Getting Started with Elastic SIEM (ELK) and Kali Purple
Speaker: Shubhendu Shubham
City: Bengaluru
Country: India
Language: English
Type: Presentation 30-45 mins
Level: Standard
Tags: security, Threat Hunting
Description
This session covers setting up your first SIEM (Security Information and Event Management) with Elastic Defend and Kibana, and installing agents on endpoints to collect events, using Kali Purple (a defensive OS).
Afterwards we'll track events and write hunting queries to fetch incidents/events, and try to understand TTPs (Tactics, Techniques and Procedures) under the NIST framework.
Speaker Bio
Shubhendu Shubham is a Microsoft-certified Security Architect at Cognizant with 4 years of experience in threat hunting and cloud security. He is a certified HTB (Hack The Box) CTF player and received the highest award (Golden Kusto Detective Agent) for the Kusto Detective Agency CTF, Sessions 2 & 1. He is Microsoft Ninja certified in CSPM & Sentinel. He is a maintainer of the Docker community Extension repo.
He organises open source communities such as Docker Bangalore and the Azure Developer Community, and loves to write blogs, with 6.5k YoY views. One of his blogs secured the top-30 position in the Azure Dev Stories Blogathon 2021.