Monitoring for attacks and defending them in real-time is crucial. Crunch through all the logs from the various sources (servers, applications, firewalls etc.) to gain insights from anomalies in real time. Making the right choices from the attacks can prove to be a nightmare. Even with the solutions already available in the market. In this workshop we can see attacks happening in real time using a centralised dashboard. By collecting logs from various sources we will monitor and analyse the attacks. Using data gleaned from the logs, we can apply defensive rules against the attackers. We will be using open source technologies to build this monitoring solution.
The workshop at the very least will include the following hands on topics:
DURATION (1⁄2 DAY)
WHO SHOULD ATTEND
Security Engineers & Analysts, SOC Teams, IT/Network Administrators, Who interested to automate security monitoring
WHAT TO EXPECT
WHAT NOT TO EXPECT
We will be mostly doing how ELK will help to security monitoring, we don’t cover scaling ELK stack.