#SecurityOnion 2.3.210 now available including:
✅#Elastic 8.6.1
✅#Suricata 6.0.10
✅#Zeek 5.0.6
and more!
blog.securityonion.net
Looking for a fun #CyberSecurity project? 😀
Want to practice your #ThreatHunting 🔍 and #IncidentResponse skills?
Install #SecurityOnion🧅2.3.210 in a VM:
docs.securityonion.net
Then follow along with our recent quick #malware analysis blog posts:
blog.securityonion.net
You can then stand up a production deployment and sniff live traffic from a tap or SPAN port. You'll get NIDS alerts, protocol metadata, and full packet capture!
docs.securityonion.net
Then augment that network visibility with host visibility by deploying endpoint agents:
docs.securityonion.net
For comprehensive logging, deploy #sysmon (thanks @markrussinovich and the #sysinternals team!) and a #sysmon config from @SwiftOnSecurity, @cyb3rops, or @olafhartong
docs.securityonion.net
@markrussinovich @SwiftOnSecurity @cyb3rops @olafhartong Need help getting started with #sysmon?
Check out our YouTube video at:
youtu.be
@markrussinovich @SwiftOnSecurity @cyb3rops @olafhartong Once you find something of interest in your network or endpoint logs, you can escalate to a case:
youtu.be
@markrussinovich @SwiftOnSecurity @cyb3rops @olafhartong Inside the case, you can identify indicators and analyze them using Analyzers:
youtu.be
Looking for documentation?
It's built into our web interface for #SecurityOnion 2.3.210 but you can also find it online at:
securityonion.net
You can also purchase a printed copy of the documentation at securityonion.net, with proceeds going to @RuralTechFund!
The printed book also includes an inspiring foreword by @taosecurity and a 20% discount code for our certification and on-demand training!