|
Attribution is a b*tch
|
3.5: Investigation 101 - Using Search |
15 |
|
|
An account was successfully logged on 1
|
3: Search - Advanced |
30 |
|
|
23 - Threat Detection Incident Response: Search Timeline II
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
20 |
|
|
21 - Threat Detection Incident Response: Threat Center VI
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
20 - Threat Detection Incident Response: Threat Center V
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
22 - Threat Detection Incident Response: Search Timeline I
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
25 |
|
|
4 - Log Stream: Parsers II
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
9 - Attack Surface Insights: Devices
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
Attack of the tooling
|
1.1: Threat Center |
20 |
|
|
Se(r)ver(e) implications
|
1.1: Threat Center |
20 |
|
|
What went wrong?
|
1.1: Threat Center |
20 |
|
|
Sea of Threats! 2
|
1.1: Threat Center |
20 |
|
|
24 - Threat Detection Incident Response: Search Basic
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
35 |
|
|
19 - Threat Detection Incident Response: Threat Center IV
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
18 - Threat Detection Incident Response: Threat Center III
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
17 - Threat Detection Incident Response: Threat Center II
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
16 - Threat Detection Incident Response: Threat Center I
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
8 - Attack Surface Insights: Users
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
5 - Log Stream: Enrichment
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
13 - Security Management: Threat Detection Management IV
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
20 |
|
|
12 - Security Management: Threat Detection Management III
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
25 |
|
|
11 - Security Management: Threat Detection Management II
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
7 - Context Management II
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
15 |
|
|
6 - Context Management I
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
10 - Security Management: Threat Detection Management I
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
25 |
|
|
3 - Log Stream: Parsers I
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
2 - Collection
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
10 |
|
|
1 - Platform Overview: Start Here!
|
0: New-Scale 101, Compromised Insider, Malicious Insider |
5 |
|
|
This one is a keeper II
|
3: Search - 101 |
10 |
|
|
This one is a keeper I
|
3: Search - 101 |
10 |
|
|
Introduction to Search
|
3: Search - 101 |
5 |
|
|
I want what I want II
|
3: Search - 101 |
10 |
|
|
I want what I want I
|
3: Search - 101 |
10 |
|
|
The map, the map!!
|
1.3: Outcomes Navigator |
20 |
|
|
The map, the map!
|
1.3: Outcomes Navigator |
20 |
|
|
Sea of Threats! 1
|
1.1: Threat Center |
20 |
|
|
Can you hear me now?
|
1.3: Outcomes Navigator |
14 |
|
|
Export this IV
|
3: Search - 101 |
11 |
|
|
Export this III
|
3: Search - 101 |
11 |
|
|
Export this II
|
3: Search - 101 |
11 |
|
|
Export this I
|
3: Search - 101 |
11 |
|
|
Recent Releases
|
0.3: Exabeam Docs |
10 |
|