Open Source SIRP with Elasticsearch and TheHive

This is a past event

29 people went

Location image of event venue

Details

In this presentation Arnaud will demonstrate a logging, alerting, and case management framework based on open source solutions. Come see Wazuh generate security alerts, logging to Elasticsearch, and case management with TheHive. We'll cover IoC enrichment and threat feed intelligence with MISP and Cortex, hosting a private sandbox with Cuckoo, and cover options for adding in some automation. Give your analysts the tools they need to make quick decisions!

Check out the blog series at https://arnaudloos.com/2019/open-source-sirp-overview/