Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Pluralsight

OS Analysis with OSSEC

via Pluralsight

Overview

OSSEC is an opensource Host Intrusion Detection System (HIDS). In this course, you will learn OS Analysis using OSSEC.

Cyber criminals often use native tools and functions of an operating system in order to perpetrate their attacks. In this course, OS Analysis with OSSEC 3, you’ll learn how to utilize OSSEC to detect authentication bypass and persistence techniques in an enterprise environment. First, you’ll learn how to detect rogue user account creation. Next, you’ll discover how accessibility features can be used for authentication bypass. Finally, you’ll analyze OSSEC logs to identify persistence using Windows scheduled tasks. When you’re finished with this course, you’ll have the skills and knowledge to detect these techniques: Create Account: Local Account T1136.001, Event Triggered Execution: Accessibility Features T1546.008, Schedule Task/Job: Scheduled Task T1053.005 using OSSEC.

Syllabus

  • Course Overview 1min
  • Monitor OS Activity with OSSEC 22mins
  • Resources 1min

Taught by

Michael Edie

Reviews

4.5 rating at Pluralsight based on 11 ratings

Start your review of OS Analysis with OSSEC

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.