Record #1435

Title: Security monitoring tool system using threat intelligence vs threat hunting
Author: Wan Ikbal Ismat Wan Kamal
Year: 2021
Institution: Open University Malaysia (OUM)
Subject: QA75 Electronic computers. Computer science
Document: library-document-1435.pdf (Text)

Abstract (by author):

This project is about developing a Security Monitoring Tool System using the Graylog SIEM (Security Information and Event Management) in combination with Threat Intelligence, with Threat Hunting results as the expected outcome. It is built according to a specific ruleset created for threat hunting purposes, with automated collection of logs from Windows endpoint hosts and network activity. Threat Intelligence enrichment datasets will be integrated into the provided platform, Graylog. The main objective is to enable a Security Analyst or Network Analyst to review any suspicious attacker behavior and act on it in a timely manner. Most organizations ingest network and endpoint logs into SIEM tools and integrate them with commercial tools to detect or trigger on anomalies and send notifications directly via email or a third-party channel such as Slack. Bear in mind that commercial tools are highly expensive and not really cost effective; this development will help organizations deploy the same approach on a very limited budget, potentially at zero cost for small and medium enterprises, while for a large enterprise it will cost only $1500 at a fixed price, which is considered cheaper than other tools. Many existing developments use well-known open-source IDS such as Suricata and open-source SIEM such as the Elastic Stack, comprising Elasticsearch, Kibana and Logstash. In this development, however, Graylog is used, with Elasticsearch and MongoDB as database servers to store, search and analyze the huge volumes of data ingested.

Generally, Graylog is introduced as a powerful logging tool with a simple, user-friendly interface, visualized with Grafana, and offering minimal configuration effort with very low maintenance. Because of that, creating a ruleset for Threat Hunting and Threat Intelligence enrichment is much easier to configure and more straightforward compared with other competitors in the market.