Threat Hunting with ELK

Service Description

This hands-on training will walk attendees through leveraging the open source ELK (Elastic, Logstash, Kibana) stack to analyze logs to proactively identify malicious activity. The basic tools and techniques taught during this class can be used to investigate isolated security incidents or implemented at scale for continuous monitoring. Attendees will be provided with access to a pre-configured ELK instance and extensive sample logs containing diverse malicious events waiting to be discovered. - Attendees will need to bring their own Windows/Linux/MacOS laptop with 8+ GB RAM, WiFi, and VirtualBox or VMware installed. A VM will be made available to attendees for download before the workshop. - Note that this workshop is only available for CarolinaCon 2018 attendees. For more information on attending CarolinaCon, please visit: https://www.carolinacon.org/attendance.html - Max. Seating: 60 people (space is limited, must register to reserve a seat) - Wait List: If you're unable to register online due to space limitations, individuals lined up at the door will be let in at our discretion if there are no-shows. *Elasticsearch, ELK, and Elastic (ELK) stack images are property of Elastic.

Contact Details