From the course: Threat Hunting Deep Dive: Intelligence-Based Detection and Response Strategies

Log analysis and behavioral analysis tools

- Threat hunting relies heavily on data. Logs from endpoints, networks, applications, and cloud environments provide the foundation for identifying suspicious activity, and do not forget about your analyst mindset. However, manually analyzing that vast amount of data is nearly impossible. This is where log analysis and behavioral analysis tools come into play. Let's start with the log analysis tools. These tools collect and analyze logs from various sources to detect anomalies and potential threats, transforming unstructured log data into structured, searchable information that reveals patterns and anomalies. Here's a list of log analysis tools by type. SIEM (Security Information and Event Management) systems: Splunk, ELK Stack, QRadar, ArcSight. Log management solutions: Graylog, LogRhythm, Fluentd. Cloud-native solutions: AWS CloudTrail, Google Chronicle, Azure Sentinel. SIEM solutions like Splunk and QRadar aggregate and…