by Eric Ooi | Mar 7, 2023 | cool tools, how-to, incident response, information security, network security monitoring
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to...
by Eric Ooi | Mar 6, 2023 | cool tools, how-to, information security
Elastic develops the popular log analytics platform, the Elastic Stack, which supports a variety of search, observability, and security use cases through its many out-of-the-box integrations. It’s a great platform for collecting, analyzing, and visualizing data...
by Eric Ooi | Mar 2, 2023 | cool tools, how-to, information security
This guide details how to deploy Elastic Agent on macOS using Intune. For Windows, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security...
by Eric Ooi | Mar 2, 2023 | cool tools, how-to, information security
This guide details how to deploy Elastic Agent on Windows using Intune. For macOS, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security capabilities,...
by Eric Ooi | Mar 2, 2023 | cool tools, information security
Overview In this blog, we’ll walk through the custom Microsoft 365 dashboards presented in my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021. So, you checked out my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021 and got excited...
by Eric Ooi | Jun 15, 2021 | how-to, incident response, information security, network security monitoring
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we’ve: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to...