In this module we're going over VMSA-2023-0001 in-depth. We'll use its composite vulnerabilities to explore:
* the challenges of hunting Linux systems
* what makes a *good* detection given multiple exploitation paths
* how to hunt for directory traversal/file write attacks
The events in your SIEM can be found in the following timespan: 5 Feb 2023 - 6 Feb 2023.
There are two index patterns for this module:
* `filebeat-*`
* `packets-*`](https://assets.aceresponder.com/meta/435c470c-76df-49e2-ae44-80e161d9f2f4.png)
vRealize Log Insight Exploit Part 2
Prerequisites:
In this module we're going over VMSA-2023-0001 in-depth. We'll use its composite vulnerabilities to explore:
- the challenges of hunting Linux systems
- what makes a good detection given multiple exploitation paths
- how to hunt for directory traversal/file write attacks
The events in your SIEM can be found in the following timespan: 5 Feb 2023 - 6 Feb 2023.
There are two index patterns for this module:
filebeat-*packets-*
Analyst
$17.49
/mo
Explore realistic pre-recorded attacks
Master full-featured defensive platforms
Browser-based challenges and modules
Extended attack videos
Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.
Defender
$44.49
/mo
Instant fully interactive labs
Hands-on prevention and detection
Master offensive techniques
Security engineering exercises
Highly realistic and dynamic scenarios
Access to all Analyst-level content
Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.