Actionable Information from Aggregated Log Data

English | MP4 | AVC 1920×1080 | AAC 44KHz 2ch | 15 Lessons (3h 42m) | 3.21 GB

A centralized logging system is only one part of a complete logging infrastructure. To properly protect an IT infrastructure from malicious actors, useful information must be extracted from the collected log data. Throughout this course, we examine various logging formats and sources, and how proper aggregation and correlation strategies help extract the actionable intelligence required to construct effective countermeasures. In addition, we look at various tools that can be used throughout the process, and at the importance of continuously monitoring not only logs and alerts, but also the effectiveness of the countermeasures themselves.

Table of Contents

1 Course Introduction
2 Logging Summary
3 Log Sources & Types
4 Log Formats
5 Collection & Aggregation
6 Collection & Aggregation Demo
7 Log Normalization
8 Log Analysis
9 Log Analysis Demo
10 Countermeasures
11 Continuous Monitoring & Alerting
12 YARA Introduction
13 Building YARA Rules
14 YARA Demo
15 Course Conclusion