ElasticCase is a blue team lab in the Threat Hunting category. It covers the following subjects: ELK, Initial Access, Execution, Privilege Escalation, Defense Evasion, Credential Access, Discovery, Lateral Movement, and Command and Control.
Learning Objectives
Investigate a simulated multi-stage attack to identify compromise and attacker activity using Elastic SIEM.