
EmPOW: Integrating Attack Behavior Intelligence into Logstash Plugins

Hosted By
Elastic Meetup T.

Details

THIS IS A FREE EVENT - PLEASE FINISH YOUR RSVP IN THE LINK BELOW

https://community.elastic.co/events/details/elastic-jacksonville-presents-empow-integrating-attack-behavior-intelligence-into-logstash-plugins/

Abstract 1:

Several commercial and open-source tools enable security data ingestion; however, these tools are typically not simple and easily incur errors through misconfigurations. MITRE ATT&CK™, Elastic’s Logstash ‘pipeline to pipeline’ and multi-pipeline features provide a lot of value but also need to be used and configured correctly. In this session, we will review:

A day in the life of a Security Analyst

Writing attack behavior security plugins

Why MITRE?

Integrating MITRE intelligence into a plugin

Other classification techniques

Pipeline to Pipeline and debug tools

Demo

About empow

Abstract 2:

Are you new to Elastic SIEM? Join us for a demo and learn how to start investigating threats in your environment.

Presenters:

Joe DiGregorio, Solution Architect, empow

Joe DiGregorio is Solution Architect at empow and a Boston-based cybersecurity professional with over 7 years’ experience, including in vulnerability management, penetration testing, insider threat detection & mitigation, and consulting. Joe's knowledge and experience come from years working at industry leaders such as CORE Security and ObserveIT (now a Proofpoint company).

Cami Lewis, Community Advocate - Security

Agenda

---

Hosted By

Tanya Siclait, Community Organizer

---


Elastic Jacksonville User Group