logstash

第二季第4集 資料分析的藝術：ELK套件全方位探索 🤖 頻道主持人：Monica 🤖 來賓：創新研發中心 工程師黃敏傑 阿咪 本集重點： 💡ELK套件在資料分析領域中獨特的優勢？以及Elasticsearch、Logstash、Kibana這三個的特色及各自的功能？ 💡深入了解Elasticsearch、Logstash、Kibana的功能和特色，特別是在全文檢索和即時數據分析方面的表現？ 💡在處理龐大數據上ELK套件有何優勢？與其他工具比較其效益、價值在哪？ 💡分享ELK實際操作的架設步驟，以及與不同資料源（如IMO）進行介接的經驗分享？ 💡作為一個開源且免費的工具，ELK套件在企業或個人使用上的優勢、社群發展和使用者的滿意度如何？ 💡 ELK支援JSON格式，分享使用JSON格式在擴充性、靈活性和客製化能力中，應對不同數據需求的一些實際案例。 💡分享ELK的缺點以及公司產品上的使用經驗。 💡分享ELK與AI之間的結合應用以及平常使用什麼工具學習ELK?

Ronnie Watson (@secopsgeek)

Youtube: watson infosec - YouTube

watsoninfosec (Watsoninfosec) · GitHub

Wazuh - fork of OSSEC (Migrating from OSSEC · Wazuh · The Open Source Security Platform)

 

GitHub - ossec/ossec-hids: OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

Implementing a Network Security Metrics Programs (giac.org)

What to track.

Some suggested metrics to start with: 

1. Number of Successful Logons – from security audits. 
2. Number of Unsuccessful Logons – from security audits. 
3. Number of Virus Infections during a given period. 
4. Number of incidents reported. 
5. Number of security policy violations during a given period. 
6. Number of policy exceptions during a given period. 
7. Percentage of expired passwords.
8. Number of guessed passwords – use a password cracker to test passwords. 
9. Number of incidents. 
10. Cost of monitoring during a given period – use your time tracking system if you have one.

 

6 Essential Security Features for Network Monitoring Solutions (solutionsreview.com)

 

Metrics of Security (nist.gov)

Security metrics are essential to comprehensive network security and CSA management. Without good metrics, analysts cannot answer many security related questions. Some examples of such questions include “Is our network more secure today than it was before?” or “Have the changes of network configurations improved our security posture?”

The ultimate aim of security metrics is to ensure business continuity (or mission success) and minimize business damage by preventing or minimizing the potential impact of cyber incidents. 

 

DNS over HTTPs  DNS over HTTPS - Wikipedia

Check out our Store on Teepub! https://brakesec.com/store

Join us on our #Slack Channel! Send a request to @brakesec on Twitter or email bds.podcast@gmail.com

#AmazonMusic: https://brakesec.com/amazonmusic 

#Spotify: https://brakesec.com/spotifyBDS

#Pandora: https://brakesec.com/pandora 

#RSS: https://brakesec.com/BrakesecRSS

#Youtube Channel:  http://www.youtube.com/c/BDSPodcast

#iTunes Store Link: https://brakesec.com/BDSiTunes

#Google Play Store: https://brakesec.com/BDS-GooglePlay

Our main site:  https://brakesec.com/bdswebsite

#iHeartRadio App:  https://brakesec.com/iHeartBrakesec

#SoundCloud: https://brakesec.com/SoundcloudBrakesec

Comments, Questions, Feedback: bds.podcast@gmail.com

Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon

https://brakesec.com/BDSPatreon

#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir

#Player.FM : https://brakesec.com/BDS-PlayerFM

#Stitcher Network: https://brakesec.com/BrakeSecStitcher

#TuneIn Radio App: https://brakesec.com/TuneInBrakesec