Description: This session provides an overview of the tools and techniques commonly used to detect threats to an enterprise infrastructure, and covers strategies for documenting and reporting detected events in line with industry-standard compliance frameworks. We will use the Security Onion distribution. Tools include Elasticsearch, Logstash and Kibana (the ELK/Elastic Stack), Wazuh, Snort, Zeek, Wireshark, and tcpdump. On the final day we will hold a capture-the-flag event in the cyber range.
Prerequisite: Basic understanding of the Linux operating system.
- Information and Security Technologies