Fe-fi-fo-FIM, I smell the monitoring of an elastic stack! presented at BSidesManchester 2019

by Brett Calderbank

Summary: FIM is simple, right? Everyone knows how to do FIM, right? I'm gonna have to disagree!

This one's gonna be a simple one answering a few questions:

- How do we get FIM out there?
- How do we centralise those logs?
- What can we do with those logs?
- Ok, so where do we go from here?

I'm talking about the full shebang: we're cracking out ELK, Wazuh, and we're gonna have a peer into Apache Metron and what we can do with that! (Ooooooh... Aaaaaaaah...)

Everyone should be excited for this one ;)