Chapter 16: Real-World Implementation and Best Practices

In this chapter, you will learn how to implement various real-world threat detection platforms on a network. First, you will learn how to implement an open source Security Information and Event Management (SIEM) tool on a network to gather, correlate, and monitor security alerts. Then, you will learn how to automate the process of discovering and exploiting vulnerabilities using both a vulnerability scanner and a breach and attack automation tool. This will teach you how attackers compromise your network and systems and establish communication channels between compromised systems and a centralized server. Lastly, you will learn how to implement an open source ...

Get Cisco Certified CyberOps Associate 200-201 Certification Guide now with the O’Reilly learning platform.