Summary: This capstone outlines the process a security engineer would use to set alerts and analyze traffic using various systems. Vulnerable machines are attacked to test the alerts and produce auditable traffic.
- Defensive Security Report & Defensive Security Presentation
  - Refer back to Capstone #2 for Kibana alerts and thresholds.
  - Configure and implement alerts and thresholds.
- Offensive Security Report
  - Assess a vulnerable VM.
  - Attack a machine on the network.
  - Verify that the Kibana rules work as expected.
- Network Forensic Report
  - Capture and analyze traffic on the virtual network with Wireshark.
  - Explain the actions that users are performing on the network.
  - Collect evidence of corporate misuse.
- Josh Black
- Laura Pratt
- Courtney Templeton
- Robbie Drescher
- Julian Baker