SIEM Home Lab Series (Part 1)
<p>This is the first of a multi-part series on building a SIEM lab and training with ‘Purple Team’ skills. I say ‘Purple’ because while the emphasis will be on ‘Blue Team’ activities we will also need to use ‘Red Team’ techniques to populate our SIEM with relevant data. The series will be broken out into the following parts:</p>
<ol>
<li>Building the lab</li>
<li>Logging activity and ingesting data</li>
<li>Investigating with Elastic Agent</li>
<li>Investigating with Winlogbeat</li>
</ol>
<p>For those who want to follow along, I am going to make a few assumptions about your skills and technical expertise: namely, that you have a basic understanding of <a href="https://tutorials.cyberaces.org/tutorials.html" rel="noopener ugc nofollow" target="_blank">IT fundamentals</a> and that you know what a <a href="https://www.tripwire.com/state-of-security/incident-detection/log-management-siem/what-is-a-siem/" rel="noopener ugc nofollow" target="_blank">SIEM</a> is.</p>
<p><a href="https://systemweakness.com/siem-home-lab-series-part-1-c6386b42e938"><strong>Learn More</strong></a></p>