SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsThis guide is a supplement to SANS FOR572: Advanced Network Forensics and Analysis. It covers the basics of JSON and some of the fundamentals of the jq utility. The jq utility filters, parses, formats, and restructures JSON—think of it as sed, awk, and grep, but for JSON. Given the trend toward logs being generated in JSON, easily accessing and molding that data is increasingly important for the forensicator. This document is not intended to replace jq’s extensive documentation. It is only a quick reference resource.
Launched in 1989 as a cooperative for information security thought leadership, it is SANS’ ongoing mission to empower cyber security professionals with the practical skills and knowledge they need to make our world a safer place.
Read more about SANS Institute