Utah’s Premiere Cyber Security Conference
Thursday, October 24 • 11:00am - 11:30am
Building your first SIEM with the Elastic Stack

Correctly implemented, a Security Information and Event Manager (SIEM) is one of the best tools a blue team has in defending a network. This presentation covers introductory topics about SIEMs including what they are, why you need one, and the considerations that one must take in building one. We will discuss the types of events that a SIEM can detect. We will discuss the core technologies involved and demonstrate the setup of a SIEM with Elasticsearch, Logstash, Kibana, RabbitMQ, ElastAlert, and Zeek.

Slides: https://slides.com/cronocide/building-your-first-siem
Tutorial: https://www.cronocide.com/post/byfswtes/

Speakers
Daniel Dayley

Network Security Engineer, Sling TV
If somebody told you that I was just an ordinary guy with an ordinary security job, somebody had it pretty much right. I dabble in reverse engineering, jailbreaking everything, electrical engineering, not putting 'and's' at the end of lists. When I'm not expressing strong opinions...


Thursday October 24, 2019 11:00am - 11:30am MDT
Track THREE 2nd Floor (Ballroom C)