LogSentinel SIEM Workshop: Dashboard, Threat Detection, Integrations

What is it like to use LogSentinel #SIEM? Here's a #demo that shows what LogSentinel SIEM can do, from setting up an alert and what the dashboard looks like to triaging threats in real time, and much more!

00:00 Intro

00:25 About LogSentinel SIEM: Predictable and Affordable Pricing, Regulatory Compliance, Simple Deployment, Cloud and On-Prem

03:00 LogSentinel Dashboard

04:00 What is an actor in the SIEM context and what is this role used for

05:00 Parameters collected by logs and how to search them

06:20 Normalized actions

07:00 Queries across sources using normalized actions (examples)

08:20 How to perform Nested Queries

09:50 Ad-hoc activity reports

11:00 Saving and scheduling custom SIEM reports

12:18 Flows

13:08 Time aggregations - per hour, per month, per week, per data source, etc.

13:19 Numeric aggregations of logs

13:40 Charts defined by queries

14:10 Custom dashboards

14:39 Threat map

15:10 Reports (pre-set templates for use)

15:50 Data Sources - AD, Firewall, SAP, Website, Microsoft 365, GCP, Router, etc.

22:00 Cloud Integration with LogSentinel SIEM (MS 365, Azure, AWS, GCP, Google Workspace, Zoom, Webex, Okta, Email)

22:55 Log Collectors (Windows/Linux)

23:09 Tenants - creating and nesting tenants

24:00 SIEM Agents

26:00 Alerts, anomalies, and real-time notifications

27:38 Correlation rules (preset rules and alerts and how to import custom ones)

31:00 Statistical rules and how to set them up

32:00 Healthcheck alerts (checking data sources)

32:25 Anomaly detection and how to avoid the high volume of false positives it can generate

33:32 Working hours configuration

33:52 Alerts Grid - how to check risk levels, how to triage and respond

35:40 User management - assigning users to data source groups/tenants

36:40 Threat Feeds (TAXII and others)

37:40 Adding connectors for anything

38:15 Honeypot connector with SIEM

38:35 Syslog connector

40:00 Windows event logs connector

40:30 Encryption of the keys

Request a Free Demo and find out how LogSentinel can help your organization improve information security: https://bit.ly/3wfqiDk

👨‍💼 About the Speaker
Bozhidar Bozhanov is co-founder and CEO at LogSentinel. He is a senior software engineer and solution architect with over 10 years of experience in the software industry. Bozhidar has spoken at numerous conferences and is among the popular bloggers and influencers in the technical field. He is one of the top-ranked users on Stack Overflow, and his tech blog is recognized as one of the top Java developer blogs by international online media.

About LogSentinel SIEM
LogSentinel SIEM is an easy-to-use next-gen #SIEM system that helps its customers reduce the time and cost of incident detection, investigation, and response by over 90%. By leveraging the latest technologies, such as blockchain and machine learning, it enables security teams to eliminate their blind spots and prevent security incidents in real time.

LogSentinel SIEM offers predictable pricing based on the number of active users rather than on fluctuating metrics like data volume or events per second. Together with its ease of use and flexibility, this helps organizations of all sizes improve their security posture by giving them a SIEM they can afford and manage effectively.

📽 More LogSentinel SIEM Webinars: https://logsentinel.com/webinars/

Connect with LogSentinel
🔗Facebook - https://www.facebook.com/LogSentinel/
🔗LinkedIn - https://www.linkedin.com/company/logsentinel
🔗Twitter - https://twitter.com/logsentinel