Elastic Security Workshop Part II - Introducing the Public Repository for Detection Rules

Workshop
Monday, November 09, 2020 14:00—15:00

Security must be a team sport — collaborating, sharing, and contributing are critical to success. Working together on a larger scale is the only way to stay ahead; infosec teamwork cannot be limited solely to the organization or even industry level.

Elastic's free and open philosophy aims to help infosec teams globally via a community-centered approach to solving security problems. True to this approach, we are making a public repository available for the universal collection, collaboration, and implementation of security detection rules.

In this workshop, we'll introduce the repo and cover what you need to know to make the best use of this valuable new resource, including:

A walkthrough of the security detection rules repo and what it contains

An intro to Elastic's approach to threat hunting and detection

Getting started, dependencies, and usage best practices

Guidelines on how to contribute (creating issues, style, and process)

Detection engineering (rule metadata, Elastic Common Schema (ECS), and rule validation)

James Spiteri
Elastic Security
James is a principal product marketing manager at Elastic, focusing on Elastic Security. Previous to that, he served as a security specialist on our Solutions Architecture team for two years,...