Previously I had written a guide on Creating a Single-Node ELK Stack, covering what to do when you want to create and utilize The Elastic Stack (formerly ELK) on a limited-capacity, single-node basis. When assisting my roommate in creating an ELK stack of his own, I realized I had not yet described the process … Continue reading Creating a Multi-Node ELK Stack
Category: Threat Hunting
Installing TheHive – a Security IR Platform
Working in a SOC environment, it is easy to get lost in the world of case management, unable to balance and juggle the information-to-incident ratio. I have recently come across one of the better solutions to this issue: TheHive. According to their website, TheHive is a "scalable 4-in-1 open source and free security incident … Continue reading Installing TheHive – a Security IR Platform