Practical MSTICPY Use - Rainbow Bridge to SIEM for Advanced Threat Hunting

Saturday, 09 Sep 2023 4:00PM EST (09 Sep 2023 20:00 UTC)
Speaker: Tatsuya Hasegawa｜長谷川達也

Analyzing logs with SIEM has become commonplace these days. Are you stuck with the analysis that can be done with only your SIEM? Aren't you just looking at your dashboard, are you? Data analysis should be a freedom. In other words, uniquely conceived analytical logic, unrestricted external collaboration, eccentric visualization, emphasis that is easy for readers to understand etc. On the other hand, it may be easier and suitable for junior analysts and operators to do conventional analyses as routine works. Microsoft's msticpy is a great tool which can do the both. Despite, I rarely see msticpy users in APAC, especially in Japan! In this talk, I will introduce the mutual use of msticpy and SIEM, and emphasize the unique features of msticpy. After this talk, you will surely want to do analysis freely using msticpy!

Login to Register

Related Content

DFIR - Blog - HUMINT and its Role within Cybersecurity_340 x 340.jpg

Digital Forensics, Incident Response & Threat Hunting

October 4, 2024

HUMINT and its Role within Cybersecurity

This blog explores HUMINT's role in cybersecurity, detailing its implementation, benefits, and potential risks.

370x370 Jon DiMaggio.png

Digital Forensics, Incident Response & Threat Hunting

January 16, 2024

FOR528: Ransomware & Cyber Extortion Course Updates Implemented – What’s New?

The recent FOR528 course better addresses the differences between ransomware and cyber extortion, and provides new hands-on labs and bonus content.

Cybersecurity Insights, Digital Forensics, Incident Response & Threat Hunting, Cyber Defense, Cloud Security, Open-Source Intelligence (OSINT), Cybersecurity Leadership, Security Awareness, Artificial Intelligence (AI)

December 18, 2023

Top 15 SANS Summit Talks of 2023

This year, SANS hosted 16 Summits with 209 talks. Here were the top-rated talks of the year.