This course is geared toward those who want to understand how to build a Detection Playbook with Security Onion 2.3. Students will gain both a theoretical and practical understanding of building detections in Security Onion, reinforced with real-life examples from network and host data sources.
Syllabus
Course Welcome & Introduction to Security Onion
Security Onion Installation
Detection Engineering
Key Components of a Play
Operationalizing Plays with Sigma
Getting Started with Playbook
Creating New Plays
Developing Your Detection Playbook with Security Onion 2.3