Cybersecurity SOAR EDR Project | Part 3
- Date added: 14. 07. 2024
- Embark on a cutting-edge journey into the integration of SOAR and EDR with our project featuring LimaCharlie and Tines. Learn how to automate security workflows, and enhance your cybersecurity posture effectively. We'll guide you through the configuration process and show how these tools work together to provide real-time security insights and responses. Whether you're a security professional or an IT enthusiast, this tutorial will equip you with the knowledge to deploy these security solutions in your own environment.
D&R Rule: github.com/MyDFIR/SOAR-EDR-Pr...
_________________________________
THE MYDFIR SOC ANALYST COURSE:
With 8 chapters and 30+ hands-on labs tailored to security operations, I am focused on transforming you into a standout SOC analyst. Beyond tools, you'll master the investigation process and uncover hidden details. Let's make a real difference together.
▸Enroll here: academy.mydfir.com/p/soc
_________________________________
SIGN UP FOR FREE MENTORSHIP
Getting started in Cybersecurity is difficult and you don't have to do it alone.
Let me help you on your journey.
▸Sign up for FREE here: www.mydfir.com
_________________________________
RECOMMENDED COURSES FOR BEGINNERS:
Coursera Google Cybersecurity Program
Affiliate Link - imp.i384100.net/mydfir
Microsoft Cybersecurity Analyst Professional Certificate
Affiliate Link - imp.i384100.net/mydfir-MS
Coursera Google IT Support Professional Certificate
Affiliate Link - imp.i384100.net/mydfir-IT
_________________________________
PRODUCTS TO HELP YOU GET STARTED
🗺️ 1-Year Cybersecurity Roadmap: mydfir.gumroad.com/l/roadmap
📘 The NO BS SOC Analyst Roadmap: mydfir.gumroad.com/l/SOC-Anal...
📄 Resume Template: mydfir.gumroad.com/l/Resume-T...
📑 Cover Letter Template: mydfir.gumroad.com/l/Cover-Le...
🎙️ Interview Questions: www.mydfir.com/interview
📚 Cybersecurity bookmarks: mydfir.gumroad.com/l/bookmarks
_________________________________
EARLY ACCESS & EXCLUSIVE VIDEOS
Patreon: / mydfir
_________________________________
🕒 TIMELINE
00:00 - Intro
00:33 - Demo
02:52 - Detection & Response
_________________________________
FOLLOW ME ON SOCIAL MEDIA:
▸Instagram: / mydfir
▸X: x.com/@MyDFIR
Disclaimer: All opinions in my videos are solely my own. Some links provided are affiliate links!
#cybersecurity #cybersecuritytrainingforbeginners #cybersecurityforbeginners #socanalyst #soc
This took me like 4 days to fully understand lol had to keep playing it over and over. Absolutely worth it
Definitely rewarding! Great job 🙌
Appreciate the content!
Thanks for watching!
Thank you, that's all I gotta say
Great stuff 👏 👍 👌 🙌
Thank you! Cheers!❤
Great video!!!
Thanks for watching!
💓👌🤝👌💓
❤️❤️
VirusTotal does not like LaZagne either. Is it safe to run on my main host machine?
I would do everything on a VM
@MyDFIR noted, thanks
I want to say thank you for putting out such great videos. I am currently going along with this project and ran into my first issue. I created my detection rule and everything was moving along smoothly until I went back into PowerShell, typed 'lazagne.exe all' and it was not detected. I waited another hour to see if it would start populating in my detection section and still nothing. I'm currently stuck, any advice would be greatly appreciated :) Thanks!!
If you see the “lazagne all” event?
@MyDFIR yes
@MyDFIR After I created the detection rule I tested it and all 4 operations were working. I went back into PowerShell and ran the lazagne.exe all command and went back into LimaCharlie under the detection tab to see if anything was detected and still nothing. I stopped and restarted everything and ran it over again and still nothing. Thank you for responding btw
Whatttt OK, can you DM me on Instagram with screenshots?
@MyDFIR I just logged into everything and was getting ready to take screenshots and it generated a detection... still took almost the entire day to generate lol but I am much appreciative of you ... seriously you have no idea how much you're helping me!! Thank you again!! I'm going to move on to part 4 now.