<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Security on wriotsec</title><link>https://www.wriotsecurity.com/tags/security/</link><description>Recent content in Security on wriotsec</description><generator>Hugo -- gohugo.io</generator><language>en</language><lastBuildDate>Tue, 31 Jan 2023 22:12:00 +0000</lastBuildDate><atom:link href="https://www.wriotsecurity.com/tags/security/index.xml" rel="self" type="application/rss+xml"/><item><title>Exploring Windows Event Logs and Elastic Security for Incident Response</title><link>https://www.wriotsecurity.com/posts/exploring-windows-event-logs-for-incident-response/</link><pubDate>Tue, 31 Jan 2023 22:12:00 +0000</pubDate><guid>https://www.wriotsecurity.com/posts/exploring-windows-event-logs-for-incident-response/</guid><description>
&lt;p&gt;Elastic Security is incredibly useful for threat hunting, especially with the success of tools like RockNSM and the HELK project. But what about hunting through old logs, aided by the detection tools that threat hunters use? How feasible is it to use Elastic Security if you just want to stand up the tool and throw some data at it? In this blog we will explore how to take advantage of Elastic Security and the open source detection rules that are bundled in each release.&lt;/p&gt;</description></item></channel></rss>