Join here: https://elastic.zoom.us/j/98260264173 Several commercial and opensource tools enable security data ingestion, however, these tools are typically not simple and easily incur errors through misconfigurations. MITRE ATT&CKTM, Elastic’s Logstash ‘pipeline to pipeline’ and multi-pipeline features provide a lot of value but also need to be used and configured correctly. In this session, we will review: A day in the life of a Security Analyst Writing attack behavior security plugins Why MITRE? Integrating MITRE intelligence into a plugin Other classification techniques Pipeline to Pipeline and debug tools Demo About empow Abstract 2: Are you new to Elastic SIEM? Join us for a demo and learn how to start investigating threats in your environment. Presenters: Joe DiGregorio, Solution Architect, empow Cami Lewis, Community Advocate- Security
Abstract 1:
Joe DiGregorio is Solution Architect at empow and a Boston based cybersecurity professional with over 7 years’ experience including in vulnerability management, penetration testing, insider threat detection & mitigation, and consulting. Joe's knowledge and experience comes from years working at industry leaders such as CORE Security and ObserveIT (now a Proofpoint company).