Session 5 Resources

10 Mar 2021

Hope you all enjoyed today's session - I love seeing this end of the chain; as Ben said on the EMEA session, this is the 'fun' bit where everything we've learnt so far comes together!

Here's links to a few resources that we mentioned today:

Colbalt Strike - https://www.cobaltstrike.com/
PowerShell Empire - https://www.powershellempire.com/
Metasploit - https://www.metasploit.com/

And here's a link to an article comparing SIEM to MTR - building on what Kris spoke to in our session this afternoon. https://partnernews.sophos.com/en-us/2020/02/products/mtr-or-siem/

Anything else you need, let us know in the comments below!

Parents

Daniel Lynch over 3 years ago

Hi Nick i made a note about something Ben around SAAW (think that's spelt correctly) wanted to do some further research on this. do you guys have any links or further detail that you could share. thanks
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel
BenVerschaeren over 3 years ago in reply to Daniel Lynch

Hi Daniel,

So many acronyms, SOAR - Security Orchestration Automation and Response.

The best example of SOAR is "The Hive Project" https://thehive-project.org/, it's easy to get up and running and using respondents you can get a security event and automate the response based on the type of event that you're dealing with.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Comment

BenVerschaeren over 3 years ago in reply to Daniel Lynch

Hi Daniel,

So many acronyms, SOAR - Security Orchestration Automation and Response.

The best example of SOAR is "The Hive Project" https://thehive-project.org/, it's easy to get up and running and using respondents you can get a security event and automate the response based on the type of event that you're dealing with.
- Cancel
- Vote Up 0 Vote Down
- More
- Cancel

Children

No Data