In this module we're going over VMSA-2023-0001 in-depth. We'll use its composite vulnerabilities to explore:
* the challenges of hunting Linux systems
* what makes a *good* detection given multiple exploitation paths
* how to hunt for directory traversal/file write attacks
The events in your SIEM can be found in the following timespan: 5 Feb 2023 - 6 Feb 2023.
There are two index patterns for this module:
* `filebeat-*`
* `packets-*`](https://assets.aceresponder.com/meta/435c470c-76df-49e2-ae44-80e161d9f2f4.png)
vRealize Log Insight Exploit Part 2
Prerequisites:
In this module we're going over VMSA-2023-0001 in-depth. We'll use its composite vulnerabilities to explore:
- the challenges of hunting Linux systems
- what makes a good detection given multiple exploitation paths
- how to hunt for directory traversal/file write attacks
The events in your SIEM can be found in the following timespan: 5 Feb 2023 - 6 Feb 2023.
There are two index patterns for this module:
filebeat-*packets-*
Analyst
$17.49
/mo
Explore realistic pre-recorded attacks
Master full-featured defensive platforms
Browser-based challenges and modules
Extended attack videos
8 AI credits per month
Grants access to Analyst content. You can cancel any time by returning to this page and following the cancellation steps.
Defender
$44.49
/mo
Instant fully interactive labs
Hands-on prevention and detection
Master offensive techniques
Security engineering exercises
Highly realistic and dynamic scenarios
Access to all Analyst-level content
20 AI credits per month
Grants access to all Defender content, Analyst content and interactive lab environments. You can cancel any time by returning to this page and following the cancellation steps.