June 2022
Intermediate to advanced
468 pages
8h 50m
English
In the previous chapter, we learned how to implement an incident response (IR) platform and integrate intelligence capacities. In this chapter, we are going to integrate Security Orchestration, Automation, and Response (SOAR) to improve the efficiency of the IR process.
To do this, we are going to use Security Onion, an open source and free platform to perform security monitoring, IR, and threat hunting, and we are going to implement additional orchestration tools to improve the investigation capabilities.
In this chapter, you will learn about the following:
Read now
Unlock full access