SIEM Home Lab Series (Part 1)

<p>This is the first of a multi-part series on building a SIEM lab and training &lsquo;Purple Team&rsquo; skills. I say &lsquo;Purple&rsquo; because, while the emphasis will be on &lsquo;Blue Team&rsquo; activities, we will also need to use &lsquo;Red Team&rsquo; techniques to populate our SIEM with relevant data. The series will be broken out into the following parts:</p>
<ol>
<li>Building the lab</li>
<li>Logging activity and ingesting data</li>
<li>Investigating with Elastic Agent</li>
<li>Investigating with Winlogbeat</li>
</ol>
<p>For those who want to follow along, I am going to make a few assumptions about your skills and technical expertise &mdash; namely that you have a basic understanding of&nbsp;<a href="https://tutorials.cyberaces.org/tutorials.html" rel="noopener ugc nofollow" target="_blank">IT fundamentals</a>&nbsp;and that you know what a&nbsp;<a href="https://www.tripwire.com/state-of-security/incident-detection/log-management-siem/what-is-a-siem/" rel="noopener ugc nofollow" target="_blank">SIEM</a>&nbsp;is.</p>
<p><a href="https://systemweakness.com/siem-home-lab-series-part-1-c6386b42e938"><strong>Learn More</strong></a></p>
Tags: LAB Series