Threat Hunting With Data Science And Splunk For Beginners

Cybersecurity Analysis and Threat Hunting in SOC using Data Science and Splunk

What you'll learn

Data Science Fundamentals for Cybersecurity

Cybersecurity Threat Detection Techniques

Hunting 0-Day Attacks

Anomaly Detection with Splunk and MLTK app

Requirements

Basic Knowledge of Network and Cybersecurity

Basic Knowledge of Splunk

Basic Knowledge of Splunk Search Processing Language (SPL)

Description

Welcome to "Threat Hunting with Data Science and Splunk for Beginners," course where we dive into the exciting realm of cybersecurity and equip you with the foundational skills needed to detect and mitigate cyber threats using Splunk and Data Science. Throughout this course, we'll focus on the seamless integration of data science techniques with Splunk, empowering you to become a proficient cyber defender.In today's digital landscape, cyber threats are evolving rapidly, posing significant risks to organizations and individuals alike. That's why proactive threat detection is paramount, and this course is your gateway to mastering the art of threat hunting using basics of data science methodologies within the Splunk environment.We'll start by laying the groundwork with an introduction to Splunk and its capabilities in threat detection. You'll learn how Splunk serves as a central hub for ingesting, analyzing, and visualizing vast amounts of security data, enabling organizations to identify and respond to threats in real-time.Next, we'll delve into the world of data science and its integration with Splunk. You'll discover how data science techniques such as statistical analysis, machine learning, and natural language processing can augment Splunk's capabilities, allowing for deeper insights and more accurate threat detection.Throughout the course, we'll explore practical use cases where data science intersects with Splunk to enhance threat detection efficacy. From identifying anomalous user access patterns to detecting suspicious network traffic and uncovering malware activities, you'll gain hands-on experience in leveraging data science techniques within the Splunk environment to proactively hunt down cyber threats.But we won't stop there. We'll also delve into Splunk's Machine Learning Toolkit (MLTK), a powerful suite of tools that enables you to build and deploy custom machine learning models for threat detection. You'll learn how to harness the MLTK's capabilities to create predictive models that can automatically identify and mitigate emerging threats.By the end of this course, you'll emerge with a comprehensive understanding of how data science and Splunk intertwine to form a formidable defense against cyber threats. Whether you're new to cybersecurity or looking to deepen your expertise, "Threat Hunting with Data Science and Splunk for Beginners" will empower you to take your threat detection skills to the next level and make a meaningful impact in securing digital assets.

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Threat Hunting Lab Setup

Lecture 2 Splunk Installation

Lecture 3 Splunk bulk Apps and Addons Installation

Lecture 4 Splunk Boss of The SOC (BOTS) Installation

Lecture 5 Import Lab Attacks Data to Splunk

Section 3: Data Science and Splunk

Lecture 6 Data Science and Splunk

Section 4: Math and Statistics for Splunk

Lecture 7 Standard Deviation

Lecture 8 Normal Distribution or Gaussian Distribution

Lecture 9 Empirical or 68–95–99.7 rule

Lecture 10 Standard Normal Distribution (Z-Score)

Section 5: Anomaly Detection with Data Science and Splunk

Lecture 11 User Access Anomalies Hunting

Lecture 12 ICMP Tunnel Outlier Detection

Lecture 13 SMB Traffic Anomaly Detection

Lecture 14 Windows Process CommandLine Outlier Detection

Lecture 15 Detecting Log Disruption Attacks

Lecture 16 Network Traffic Volume Outliers Detection

Lecture 17 Malware Activity Detection by Math

Lecture 18 Let Splunk Detect Attacks for You

Lecture 19 Malware Detection with Shannon Entropy

Section 6: Splunk Machine Learning Toolkit (MLTK)

Lecture 20 What is Splunk Machine Learning Toolkit

Lecture 21 Splunk MLTK App Installation

Lecture 22 DNS Outlier Detection with MLTK

Section 7: Fault Tolerance for Data Science

Lecture 23 Increase Fault Tolerance for Data Science with Splunk

Section 8: Domain Generation Algorithm (DGA) Hunting with Splunk

Lecture 24 What is Domain Generation Algorithm (DGA)?

Lecture 25 Splunk DGA App Installation

Lecture 26 DGA Detection with splunk

Section 9: NLP Text Analytics

Lecture 27 NLP Text Analytics using Splunk

Security Operations Center (SOC) analysts,Cybersecurity Threat Hunters,Splunk Engineers,Threat Intelligence Analysts,DFIRs