Cyber2theMax

Most SOC analyst positions want people who have experience with using a SIEM (Security Information and Event Manager). Although there are many different kinds of SIEMs out there, from what I understand they all work relatively the same. They gather data and send you alerts if something specific happens. I found this project on YouTube at  https://www.youtube.com/watch?v=2XLzMb9oZBI&t=15s  Gerald Augar. In the video he is following the notes form this article  https://medium.com/@aali23/a-simple-elastic-siem-lab-6765159ee2b2  by Abdullahi Ali. I followed the notes as my guide and watched the video when I got stuck. However my project is a little different because I used Hyper-V instead of VirtualBox or VMware. So if that's what you're using, feel free to use my notes. At the end of this post, I talk a little bit about the problems I ran into and a few tips I have to make the experience a little better and a little easier.  First step is to set up an elastic...

      Recently I obtained what's called the CompTIA Trifecta. CompTIA is an IT association that issues vender neutral IT certifications. The three most commonly known certifications are the A+, Network+, and Security+. Obtaining all three certifications is called the CompTIA Trifecta. Usually, when taking these exams, it makes the most sense to start with A+, then Network+, and finally Security+. Network+ assumes you know everything on A+, and Security+ assumes you know everything about A+ and Network+, but they can be taken in any order.       When first learning about IT, someone suggested that I start with the A+ certification. I found a two week class offered on the military base where I served while I was still in the Marines. I took the class a few months before I left the Marines. The class was professional and very educational. I went from not knowing much about computers to pretty confident. At the end of the class I did not feel complete...