Elastic Case – Official Walkthrough



CyberDefenders – Official Walkthroughs – Elastic Case Lab – Medium

Tools: ELK Stack (Elastic SIEM, Kibana, etc.)

Lab Scenario: An attacker tricked an employee into downloading a suspicious file and running it, which compromised the system. In addition, the security team had not updated most systems, so the attacker was able to pivot to another system and compromise the company. As a SOC analyst, you are assigned to investigate the incident using Elastic as the SIEM and help the team kick the attacker out.

0:00 – Introduction
1:00 – Question 1
2:20 – Question 2
2:40 – Question 3
2:55 – Question 4
3:45 – Question 5
5:35 – Question 7
6:45 – Question 8
7:25 – Question 9
8:20 – Question 10
9:15 – Question 11
10:45 – Question 12
12:10 – Question 13
13:15 – Question 14
14:15 – Question 15
14:55 – Question 16
15:45 – Question 17
16:00 – Question 18
16:22 – Question 19
16:55 – Question 20
17:25 – Question 21
17:50 – Question 22
18:55 – Question 23
19:15 – Question 24

WEBSITE: https://cyberdefenders.org/
DISCORD: https://cyberdefenders.org/discord