Analyze Endpoint Data with Elasticsearch 7

Focused View

Tim Coakley

1:31:51

104 View

Exercise Files

analyze-endpoint-data-elasticsearch.zip

Module 1 - Course Overview

1. Course Overview.mp4

02:06

Module 2 - Baseline and Anomaly Detection

1. Version Check.mp4

00:20

2. System Baseline Overview.mp4

03:12

3. Baseline Configuration.mp4

04:58

4. Identifying System Anomalies.mp4

05:04

Module 3 - Cloud Application Analysis with Elasticsearch

1. Cloud Threat Hunting.mp4

02:37

2. Configuration for Cloud Application Analysis.mp4

04:02

3. Monitoring for Cloud Security Events.mp4

01:29

4. Security Compliance in the Cloud.mp4

01:47

5. Demo Cloud Artifact Investigation with Elasticsearch.mp4

03:17

Module 4 - Malicious Process Monitoring

1. Malicious Process Overview.mp4

04:48

2. Process Monitoring Configuration.mp4

02:27

3. Monitoring and Detecting Malicious Process Activity.mp4

05:26

Module 5 - File Integrity Monitoring

1. File Integrity Overview.mp4

02:25

2. Configuration for File Integrity Monitoring.mp4

03:00

3. Demo - File Integrity Analysis.mp4

03:37

Module 6 - Malicious Logon Monitoring

1. Malicious Logon Overview.mp4

03:41

2. Logon Analysis Using Elasticsearch.mp4

06:52

Module 7 - Windows Host Analysis

1. Windows Analysis Overview.mp4

02:19

2. Configuration for Windows Hosts Analysis.mp4

02:43

3. Monitoring for Windows Security Events.mp4

03:13

4. Demo - Windows Artifact Investigation with Elasticsearch.mp4

05:33

Module 8 - Linux Host Analysis

1. Linux Analysis Overview.mp4

02:48

2. Configuration for Linux Host Analysis.mp4

01:48

3. Monitoring for Linux Security Events.mp4

02:09

4. Demo - Linux Artefact Investigation with Elasticsearch.mp4

05:16

Module 9 - Summary

1. Summary.mp4

04:54

Description

The endpoint remains one of the primary targets for cyber threat actors. Endpoint monitoring and analysis is ever more critical to an organization, to protect its data and intellectual property. This course will teach you how to monitor and analyze endpoint data using Elasticsearch.

What You'll Learn?

When threat actors target an organization, it can be either targeted or opportunistic in nature. What is clear is that the endpoint is often a primary target. Attackers will use a range of attack techniques from phishing, malware or even social engineering to name a few to achieve their aims. In this course, Analyze Endpoint Data with Elasticsearch, you will use the software Elasticsearch. Elasticsearch provides powerful search capabilities that can be used to give cyber defenders the ability to analyze data, detect threats and help to investigate security incidents. First, you will be given an overview into Elasticsearch software. Next, you will discover how to analyze Cloud Applications, Windows, and Linux endpoints. Then you will learn about operating system baseline, anomaly and file integrity monitoring. Finally, you will learn to analyze data for malicious logon and process activity. When you are finished with this course you will have the skills and knowledge to better protect your organization, its data and intellectual property. This is an intermediate level course and you should have good knowledge of common cyber attack techniques as well as some incident response knowledge.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Data Analysis

Elasticsearch

Tim Coakley

Instructor's Courses

Tim Coakley is a Senior Security Solutions Architect for a large multi-national organisation and an author at Pluralsight. Tim started a long and successful full-time career in Digital Forensics supporting the criminal justice system and law enforcement on a long list of criminal cases. Parallel to this Tim ran a research and development business creating solutions from design through to support resulting in some unique and niche software not developed anywhere else. Tim now works fully within the cybersecurity space and has supported and worked within many security teams including, Investigations, Incident Response, Threat intelligence, Penetration Testing, Governance and Engineering until landing into Security Architecture. Tim has worked in a broad range of industries including Law Enforcement, Telecommunications, Pharmaceuticals, Intelligence, Military, Contracting and consulting. Outside of professional working life, Tim enjoys travelling, hiking, kitesurfing and cooking.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.