Workshop: Using the Mitre Attack Framework

Topic:

In this workshop sponsored by Elastic, you will see how Elastic SIEM and the Elastic Stack accelerate security wins by returning results from ad hoc queries in seconds. You’ll also learn how to operate at scale, since Elastic handles security data by the petabyte — meaning you can keep your data for as long as you want and tap into the full picture when you need it most.

This interactive workshop session will cover:

  • Ingesting data quickly with pre-built Beats integrations including network infrastructure and endpoint agents
  • Auditing events by collecting Linux audit framework data with Auditbeat to monitor system and file integrity details
  • Gaining visibility into your environment by monitoring data on interactive dashboards tailored to your environment
  • Surfacing anomalies with machine learning
  • Automating threat detection with correlation-based alerts

This is a hands-on lab, so please bring your laptop.

Room:
Room 106
Time:
Friday, March 6, 2020 - 09:30 to 12:30