Threat Hunting with Kibana

Upcoming Classes

No classes have been scheduled, but you can always Request a Quote.

Summary

This course is designed for security analysts interested in using Kibana to hunt threats to their data and systems. You will start with an introduction to threat hunting, including how it’s different from other security analysis processes, and then move on to an introduction to the Elastic Stack and the powerful set of tools it offers.

Description

You will then learn essential Kibana features for analyzing security data, followed by an in-depth look at our network and host data sources, including ways to enrich them. You will then learn about threat hunting philosophy, workflow, models, and techniques, and how threat hunting can help improve the effectiveness of a security operations center. All of this will then be followed by a guided hunt exercise to put your new skills to the test.

Topics Covered
  • Introduction to threat hunting and the Elastic Stack
  • Network data
  • Host data
  • Data enrichment
  • Threat hunting
  • Guided Hunt

Duration

2 Days

Audience

Security Analysts

Prerequisites

  • No prior knowledge of the Elastic Stack required.
  • Familiarity with basic networking and network security, as well as logging and incident response concepts

Setup Requirements

  • Laptop with Wi-Fi connectivity
  • Mac, Linux, or Windows
  • Latest version of Chrome or Firefox (other browsers not supported)
  • Disable any ad blockers and restart your browser before class

Additional Notes

Bundle discounts apply when registering for multiple courses. Have training questions? Review our FAQ or email us.