30 Bird - Using a SIEM (CASP)

Overview

NOTE: For this exercise, you should run as many of the classroom VMs as your host machine’s RAM allows. If you cannot run them all simultaneously, attempt it with Kali turned off.

If you want to use the Open Threat Exchange feature, you must sign up for a free OTX account at https://otx.alienvault.com . If you do, copy your API key for use in the exercise.

For this exercise, you will explore the interface of a SIEM that has been configured for your network.