Azure HELK

it deploys Hunting ELK (HELK) hunting SIEM into Azure IaaS, using Terraform + Ansible. Deploys one HELK server and one Windows 10 endpoint. The endpoint is auto-configured to ship SwiftOnSecurity Sysmon logs via Winlogbeat using Kafka transport. Default support for Mordor.

By

Jason Ostrom

Related Content

Offensive Operations, Pen Testing, and Red Teaming, Open-Source Intelligence (OSINT), Penetration Testing and Red Teaming

November 16, 2023

A Visual Summary of SANS HackFest Summit

Check out these graphic recordings created in real-time throughout the event for SANS HackFest Summit 2023

Cybersecurity and IT Essentials, Penetration Testing and Red Teaming

December 6, 2022

Don’t Miss the 2022 SANS Holiday Hack Challenge – Now Open for Free Play

SANS’s annual festive gift to the cyber community is back with a new supervillain to thwart.

Offensive Operations, Pen Testing, and Red Teaming, Penetration Testing and Red Teaming

November 14, 2022

A Visual Summary of SANS Pen Test HackFest Summit 2022

On November 14-15, attendees joined us in Arlington, VA or tuned in Live Online for the SANS Pen Test HackFest Summit! We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the Summit through a...