SIEM on a budget
  • SIEM on a budget

    In reading this Twitter thread (https://twitter.com/infosec_taylor/s...259588106?s=12) and now having access to a beefier lab, I'm again interested in finding a workable SIEM for a small team to operate. As I mention in this thread, I've tried LME (https://github.com/ukncsc/lme) and WEFFLES (https://aka.ms/weffles) (which seems to kind of be abandoned, as the links are broken) with clients, but still haven't found anything I can really get excited about.

    Per that Twitter thread, some recommendations I've received are:
    • ELK / ELK SIEM
    • Splunk free
    • Qradar free
    • SOF-ELK
    Not sure which order I'll look at these, or when, but I'll keep this thread updated as I go!
    Brian Johnson
    7 Minute Security
    Podcaster | Security Consultant

  • #2
    Ok well THIS is annoying. Moving on from Splunk for now. Got THIS after going through the annoying registration process.

    [Attached image: splunk.PNG]
    Brian Johnson
    7 Minute Security
    Podcaster | Security Consultant
