Title: Security monitoring tool system using threat intelligence vs threat hunting
Creator: Wan Ikbal Ismat Wan Kamal
Subject: QA75 Electronic computers. Computer science

Abstract:
This project develops a Security Monitoring Tool System using the Graylog SIEM (Security Information and Event Management) combined with Threat Intelligence, with Threat Hunting results as the expected outcome. It is built around a specific ruleset written for threat-hunting purposes, with automated ingestion of logs from Windows endpoint hosts and network activity. Threat Intelligence enrichment datasets are integrated into the chosen platform, Graylog. The main objective is to let a Security Analyst or Network Analyst see suspicious attacker behaviour and act on it in a timely manner. Most organizations ingest network and endpoint logs into SIEM tools and integrate them with commercial tools that detect or trigger anomalies and send notifications directly via email or a third-party channel such as Slack. Bear in mind, however, that the commercial tools are highly expensive and not really cost effective; this development will help organizations deploy the same approach on a very limited budget, potentially at zero cost for a small or medium enterprise, while for a big enterprise it will only cost $1500 at a fixed price, which is considered cheaper than the other tools. Many existing developments use the well-known open-source IDS Suricata and the open-source SIEM Elastic Stack, comprising Elasticsearch, Kibana and Logstash. In this development, however, Graylog is used, with Elasticsearch and MongoDB as the database servers to store, search and analyze the huge volumes of data ingested. Generally, Graylog is introduced as a powerful logging tool with a simple, user-friendly interface, visualized with Grafana, that requires minimal configuration effort and very low maintenance. Because of that, creating a ruleset for Threat Hunting and Threat Intelligence enrichment is much easier to configure and more straightforward compared with other competitors in the market. (Abstract by author)

Publisher: Open University Malaysia
Date: 2021
Type: Monograph (non-peer-reviewed)
Format: text
Identifier: https://library.oum.edu.my/repository/1435/1/library-document-1435.pdf
Citation: Wan Ikbal Ismat Wan Kamal (2021) Security monitoring tool system using threat intelligence vs threat hunting. Project Report. Open University Malaysia. (Submitted)
Relation: https://library.oum.edu.my/repository/1435/
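As an added illustration, not code from the project report and not Graylog's own lookup-table or pipeline-rule syntax, the following Python models the flow the abstract describes: normalised Windows endpoint and network events are enriched against a threat-intelligence lookup, passed through a small hunting ruleset, and turned into one-line notifier messages of the kind a Slack or e-mail output would carry. The indicator feed, the sample events, the rule names, the severities and the internal address ranges are all constructed assumptions.

```python
"""Threat-intelligence enrichment plus hunting rules over endpoint and network logs.

Added example, not code from the project report: a stand-alone model of the
pipeline the abstract describes (ingest -> TI enrichment -> hunting ruleset ->
notification). The indicator feed, the events and the rule names are constructed;
in a Graylog deployment the same logic would sit in a lookup table and pipeline rules.
"""
from __future__ import annotations

import ipaddress
from collections import Counter
from dataclasses import dataclass, field
from typing import Any

# Constructed threat-intelligence feed (documentation IPs, .example domain, filler hash).
THREAT_INTEL: dict[str, dict[str, str]] = {
    "198.51.100.23": {"type": "ip", "feed": "feed-a", "tag": "c2"},
    "bad-update.example": {"type": "domain", "feed": "feed-b", "tag": "malware-dl"},
    "deadbeef" * 8: {"type": "sha256", "feed": "feed-a", "tag": "dropper"},
}

# Address space the hypothetical organisation owns (RFC 1918 only). Deliberately not
# ipaddress.is_private(), which also treats the 198.51.100.0/24 TEST-NET as private.
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample events, flattened to field/value pairs as a SIEM extractor would emit.
SAMPLE_EVENTS: list[dict[str, Any]] = [
    {"source": "windows", "event_id": 4624, "logon_type": 10, "user": "svc_backup",
     "src_ip": "198.51.100.23", "host": "FILESRV01"},
    {"source": "windows", "event_id": 4624, "logon_type": 2, "user": "alice",
     "src_ip": "10.0.0.15", "host": "WS-042"},
    {"source": "windows", "event_id": 4688, "user": "alice", "host": "WS-042",
     "process": "C:\\Users\\alice\\AppData\\Local\\Temp\\upd.exe", "sha256": "DEADBEEF" * 8},
    {"source": "network", "proto": "dns", "src_ip": "10.0.0.15", "host": "WS-042",
     "query": "BAD-UPDATE.example."},
    {"source": "network", "proto": "tcp", "src_ip": "10.0.0.20", "host": "WS-007",
     "dst_ip": "203.0.113.9", "dst_port": 443},
]


@dataclass
class Alert:
    rule: str
    severity: str
    event: dict[str, Any]
    ti: list[dict[str, str]] = field(default_factory=list)


def is_internal(ip: str) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in INTERNAL_NETS)


def normalise(value: Any) -> str:
    # Feed keys are lower-case with no trailing DNS dot; match event values the same way.
    return str(value).lower().rstrip(".")


def enrich(event: dict[str, Any]) -> dict[str, Any]:
    """Return a copy of the event with a ti_hits list for every field that matches the feed."""
    hits = []
    for key in ("src_ip", "dst_ip", "query", "sha256"):
        if key in event and normalise(event[key]) in THREAT_INTEL:
            hits.append({"field": key, **THREAT_INTEL[normalise(event[key])]})
    return {**event, "ti_hits": hits}


def hunt(event: dict[str, Any]) -> list[Alert]:
    """Hunting ruleset; rules are independent, so one event can raise several alerts."""
    alerts: list[Alert] = []
    if event["ti_hits"]:
        alerts.append(Alert("ti_ioc_match", "high", event, event["ti_hits"]))
    # 4624 with logon type 10 is a RemoteInteractive (RDP) logon.
    if (event.get("event_id") == 4624 and event.get("logon_type") == 10
            and not is_internal(event.get("src_ip", ""))):
        alerts.append(Alert("rdp_logon_from_external", "medium", event))
    # 4688 is process creation; user-writable Temp is a common staging location.
    if event.get("event_id") == 4688 and "\\temp\\" in event.get("process", "").lower():
        alerts.append(Alert("process_started_from_temp", "low", event))
    return alerts


def run_pipeline(events: list[dict[str, Any]]) -> list[Alert]:
    alerts: list[Alert] = []
    for ev in events:
        alerts.extend(hunt(enrich(ev)))
    return alerts


def summarize(alerts: list[Alert]) -> dict[str, int]:
    return dict(Counter(a.rule for a in alerts))


def format_notification(alert: Alert) -> str:
    """One-line message for an e-mail or chat notifier (no delivery is attempted here)."""
    ev = alert.event
    line = f"[{alert.severity.upper()}] {alert.rule} host={ev.get('host', '?')} user={ev.get('user', '-')}"
    if alert.ti:
        line += " ti=" + ",".join(f"{h['field']}:{h['tag']}({h['feed']})" for h in alert.ti)
    return line


if __name__ == "__main__":
    for alert in run_pipeline(SAMPLE_EVENTS):
        print(format_notification(alert))
```

Two points carry over to a real deployment. Enrichment is done on normalised values, because feeds and log sources disagree on letter case and trailing dots, and a miss there is a silent false negative. The "external" test is an explicit list of the organisation's own ranges rather than a library notion of "private", since the latter can classify documentation or test ranges as internal.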