Elastic Security Workshop Part II - Introducing the Public Repository for Detection Rules

  • TYPE: Workshop
  • DATE: Monday, November 09, 2020
  • TIME: 14:00-15:00

Security must be a team sport — collaborating, sharing, and contributing are critical to success. Working together on a larger scale is the only way to stay ahead; infosec teamwork cannot be limited solely to the organization or even industry level.

Elastic's free and open philosophy aims to help infosec teams globally via a community-centered approach to solving security problems. True to this approach, we are making a public repository available for the universal collection, collaboration, and implementation of security detection rules.

In this workshop, we'll introduce the repo and cover what you need to know to make the best use of this valuable new resource, including:

  • A walkthrough of the security detection rules repo and what it contains
  • An intro to Elastic's approach to threat hunting and detection
  • Getting started, dependencies, and usage best practices
  • Guidelines on how to contribute (creating issues, style, and process)
  • Detection engineering (rule metadata, Elastic Common Schema (ECS), and rule validation)

Virtual Event

Cybersecurity Leadership Summit 2020

Contact person:

Mr. Levent Kara
+49 211 23707710
  • Nov 09 - 11, 2020 09:00 AM - 5:00 PM CET