Recently Updated Pages
Reexamine SIEM tools
As a security analyst, you'll need to be able to quickly access the relevant data required to per...
Activity: Explore signatures and logs with Suricata
Introduction In this lab activity, you'll explore the components of a rule using Suricata. You'l...
Overview of Suricata
So far, you've learned about detection signatures and you were introduced to Suricata, an inciden...
Examine Suricata logs
Now let's examine some logs generated by Suricata.In Suricata, alerts and events are output in a ...
Examine signatures with Suricata
Previously, you learned about signature-based analysis.You also learned how to read signatures us...
Examine signatures with Suricata
Previously, you learned about signature-based analysis.You also learned how to read signatures us...
Components of a detection signature
As a security analyst, you may be tasked with writing, customizing, or testing signatures.To do t...
Grace: Security mindset in detection and response
Hi, I'm Grace, and I work in Detection and Response at Google.When I tell people what I do, they...
Detection tools and techniques
In this reading, you’ll examine the different types of intrusion detection system (IDS) technolog...
Security monitoring with detection tools
Detection requires data, and this data can come from various data sources.You've already explored...
Overview of log file formats
You’ve learned about how logs record events that happen on a network, or system. In security, log...
Variations of logs
When you purchase an item in a store, you usually receive a receipt as a record of purchase.The r...
Rebecca: Learn new tools and technologies
I am Rebecca, I'm a security engineer at Google, and I focus in identity management.The best part...
Best practices for log collection and management
In this reading, you’ll examine some best practices related to log management, storage, and prote...
The importance of logs
Devices produced data in the form of events.As a refresher, events are observable occurrences tha...
The importance of logs
Devices produced data in the form of events.As a refresher, events are observable occurrences tha...
Welcome to module 4
History books. Receipts. Diaries.What do all these things have in common?They record events.Wheth...
Wrap-up; Terms and definitions from Course 6, Module 3
That wraps up our discussion on incident investigation and response.Nice work on finishing up ano...
Post-incident review
Previously, you explored the Containment, Eradication and Recovery phase of the NIST Incident Res...
The post-incident activity phase of the lifecycle
Now that a security team has successfully contained eradicated and recovered from an incident, th...