Security Onion 🧅 · @securityonion
1186 followers · 92 posts · Server infosec.exchange
#SecurityOnion 2.3.220 now available including:
✅ #Elastic 8.6.2
✅ #Grafana 9.2.10
✅ #FleetDM 4.27.1
✅ #Zeek 5.0.7
and more!
https://blog.securityonion.net/2023/02/security-onion-23220-now-available.html
Looking for a fun #CyberSecurity project? 😀
Want to practice your #ThreatHunting 🔍 and #IncidentResponse skills?
Install #SecurityOnion🧅2.3.220 in a VM:
https://docs.securityonion.net/en/2.3/first-time-users.html
Then follow along with our recent quick #malware analysis blog posts:
https://blog.securityonion.net/search/label/quick%20malware%20analysis
You can then stand up a production deployment and sniff live traffic from a tap or span port. You'll get NIDS alerts, protocol metadata, and full packet capture!
https://docs.securityonion.net/en/2.3/network.html
Then augment that network visibility with host visibility by deploying endpoint agents:
https://docs.securityonion.net/en/2.3/host.html
Once you find something of interest in your network or endpoint logs, you can escalate to a case:
https://docs.securityonion.net/en/2.3/cases.html
Inside the case, you can identify indicators and analyze them using Analyzers:
https://docs.securityonion.net/en/2.3/cases.html#analyzers
Looking for more documentation?
It's built into our web interface for #SecurityOnion 2.3.220 but you can also find it online at:
https://securityonion.net/docs
You can also purchase a printed copy of the documentation at https://securityonion.net/book with proceeds going to Rural Technology Fund!
The printed book also includes an inspiring foreword by @taosecurity and a 20% discount code for our certification and on-demand training!
#securityonion #elastic #grafana #fleetdm #zeek #cybersecurity #threathunting #incidentresponse #malware