Security Onion and Elastic XDR

  Рет қаралды 1,526

cyberlabz

cyberlabz

2 жыл бұрын

This video will showcase a Red and Blue team approach, ultimately bringing together a Purple team concept for accessing alerting capabilities between two different SIEM solutions. Security Onion is great!!! So is Elastic!!!
Hope you enjoy it!
#Security Onion
#Elastic
"Disclaimer"
I am not sponsored or employed by Security Onion or Elastic. I just like to tinker around and showcase the cool features that these two SIEM solutions offer.

Пікірлер: 6
@kimhalavakoski5189
@kimhalavakoski5189 2 жыл бұрын
Awesome video comparing SO and Elastic SIEM! How was your setup with doing this video, were you using them as 2 completely separate installations and separate agents(filebeat for SO and elastic agent for Elastic) running on your hosts?
@cyberlabz
@cyberlabz 2 жыл бұрын
Exactly! I used two totally different setups to show the pros and cons between the detection capabilities of both.
@ktroberson1
@ktroberson1 2 жыл бұрын
how did you setup the elastic fleet for the elastic agent in security onion?
@cyberlabz
@cyberlabz 2 жыл бұрын
The elastic agent is used with a completely different ELK stack. I've tried installing fleet server on security onion to incorporate elastic agent before but I've had several parsing issues when logs are sent to the index. Hopefully soon security onion will integrate the elastic agent into future builds.
@cyberlabz
@cyberlabz 2 жыл бұрын
I have a video that shows how to stand up your own elastic xdr stack
@presianbg
@presianbg Жыл бұрын
With the upcoming v2.4, Elastic Agent will be integrated in Security Onion!
Havoc C2 and Detection with Security Onion
42:02
Havoc C2 and Detection with Security Onion
cyberlabz
Рет қаралды 2,7 М.
Security Onion Sysmon Dashboards
36:11
Security Onion Sysmon Dashboards
cyberlabz
Рет қаралды 3,2 М.
The hard turtle was blasted into pieces |Chinese Mountain Forest Life And Food #MoTiktok #Fyp
00:19
The hard turtle was blasted into pieces |Chinese Mountain Forest Life And Food #MoTiktok #Fyp
Eater Straw Hat
Рет қаралды 24 МЛН
Nastya and SeanDoesMagic
00:16
Nastya and SeanDoesMagic
Nastya
Рет қаралды 33 МЛН
DAD LEFT HIS OLD SOCKS ON THE COUCH…😱😂
00:24
DAD LEFT HIS OLD SOCKS ON THE COUCH…😱😂
JULI_PROETO
Рет қаралды 16 МЛН
ЧУТЬ НЕ УТОНУЛ #shorts
00:27
ЧУТЬ НЕ УТОНУЛ #shorts
Паша Осадчий
Рет қаралды 10 МЛН
How To Setup ELK | Elastic Agents & Sysmon for Cybersecurity
14:35
How To Setup ELK | Elastic Agents & Sysmon for Cybersecurity
John Hammond
Рет қаралды 68 М.
Gitlab DELETING Production Databases | Prime Reacts
17:27
Gitlab DELETING Production Databases | Prime Reacts
ThePrimeTime
Рет қаралды 316 М.
The New Radeon 890M iGPU Is Faster Than We Thought! Say Good-Bye To RDNA3!
11:16
The New Radeon 890M iGPU Is Faster Than We Thought! Say Good-Bye To RDNA3!
ETA PRIME
Рет қаралды 55 М.
How TOR Works- Computerphile
14:19
How TOR Works- Computerphile
Computerphile
Рет қаралды 1,7 МЛН
Havoc C2 vs Elastic Agent
42:22
Havoc C2 vs Elastic Agent
cyberlabz
Рет қаралды 2,5 М.
Groundbreaking New Solar Energy System - Too Good to be True?
7:07
Groundbreaking New Solar Energy System - Too Good to be True?
Sabine Hossenfelder
Рет қаралды 404 М.
The BEST $800 Gaming PC Build of 2024!
18:29
The BEST $800 Gaming PC Build of 2024!
TechSource
Рет қаралды 146 М.
[GUIDE] How to Setup a Wazuh XDR to Secure Your Flux Nodes or Endpoints
11:51
[GUIDE] How to Setup a Wazuh XDR to Secure Your Flux Nodes or Endpoints
ModernDogos
Рет қаралды 3 М.
How to send external Logstash logs to Security Onion using SSL
26:10
How to send external Logstash logs to Security Onion using SSL
cyberlabz
Рет қаралды 1,3 М.
SOARLab - Security Onion + Automation + Response Lab including n8n and Velociraptor
31:40
SOARLab - Security Onion + Automation + Response Lab including n8n and Velociraptor
Security Onion
Рет қаралды 11 М.
The hard turtle was blasted into pieces |Chinese Mountain Forest Life And Food #MoTiktok #Fyp
00:19
The hard turtle was blasted into pieces |Chinese Mountain Forest Life And Food #MoTiktok #Fyp
Eater Straw Hat
Рет қаралды 24 МЛН