Transcript
BUILDING A SIEM FROM
OPEN SOURCE
ABOUT ME
ABOUT CYBOURN
SECURITY OPERATIONS CENTER
INCIDENT RESPONSE
CUSTOM SECURITY SOLUTIONS
What is a SIEM?
Security information and event management
Functions
Log aggregation
Log correlation
Analysis
Alerting
Reporting
Incident management
Commercial versus free
Log aggregation
The Elastic applications are designed specifically for collecting, storing and querying logs
Correlation and alerting
https://github.com/etsy/411
Analysis and reporting
Bonus – Incident management
Request Tracker for Incident Response
Ticketing and incident management platform
Use cases
Debugging
Monitoring
Security analytics