In this section, we'll go through the basic building blocks of a threat hunting architecture structure. These include a multiple ingestion layer starting with Beats to collect the data from different sources and Logstash to enrich the data for threat intelligence. Once the data has been properly prepared, the next step will be to focus on the investigation analytics.
Threat hunting architecture
by Bahaaldine Azarmi, Rich Collier
Machine Learning with the Elastic Stack
- Title Page
- Copyright and Credits
- Dedication
- About Packt
- Contributors
- Preface
- Machine Learning for IT
- Installing the Elastic Stack with Machine Learning
- Event Change Detection
- IT Operational Analytics and Root Cause Analysis
- Security Analytics with Elastic Machine Learning
- Alerting on ML Analysis
- Using Elastic ML Data in Kibana Dashboards
- Using Elastic ML with Kibana Canvas
- Forecasting
- ML Tips and Tricks
- Other Books You May Enjoy
Threat hunting architecture
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.