Overview
Discover how to enhance enterprise visibility and strengthen your defense against cyber threats in this 49-minute RSA Conference talk. Explore Security Onion, a free and open-source platform designed by defenders for defenders, offering comprehensive visibility tools. Learn about intrusion detection, network security monitoring, log management, and incident response techniques. Gain insights into endpoint telemetry, log types, and dashboards. Master the art of pivoting to full packet capture and analyzing network transactions. Understand how to extract valuable information from various file types and leverage new platform features. Equip yourself with the knowledge to give defenders more advantages and make adversaries struggle in their attempts to breach your enterprise security.
Syllabus
Intro
Human Story
Lessons Learned
Security Onion
How to Download
Endpoint Telemetry
Use Cases
Demo
Log Types
Dashboards
Needs Alerts Summary
Pivot to Full Packet Capture
Analyzing Full Packet Capture
FTP Transaction
RAR File
Extract RAR File
New Platform
Give Defenders More Advantages
Taught by
RSA Conference