Webcast: Your Free and Open Source EDR Options!

There has been a huge explosion of different free and open-source options for EDR in the security space. Which is nice because the commercial offerings are stupid expensive. In this Black Hills Information Security (BHIS) webcast, we look at OpenEDR, Elastic, and Velociraptor. With all these great options, there is no reason your organization should not have one of these offerings. Further, they are essential for any IR gig you may do.

You may be a shop that is looking at commercial offerings, however, you should always look at the free offerings first. Remember, you are not paying for what the commercial product offers, you are paying for what it does versus what the free offerings do not.

Join the BHIS Community Discord: https://discord.gg/bhis

0:00:00 – FEATURE PRESENTATION: Your Free & Open EDR Options!

0:02:03 – Why We here?

0:04:46 – EDR? Like that there electronic music?

0:11:48 – Vendors

0:14:21 – MITRE Evaluations

0:19:17 – So, Why EDR?

0:23:05 – Free and Open Source?

0:28:48 – OSSEC

0:31:12 – So, WAZUH

0:38:28 – Velociraptor

0:41:09 – DEMO: Velociraptor

0:48:35 – Vendors and Free/OS

0:49:57 – Elastic (Formerly Endgame)

0:55:09 – OPEN EDR – From Comodo

0:58:41 – Conclusions

1:01:53 – Backdoors & Breaches Virtual

Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2021/03/SLIDES_OpenandFreeEDR.pdf

Want to level up your skills and learn more straight from John himself?
You can check out his classes below!

SOC Core Skills

Active Defense & Cyber Deception

Getting Started in Security with BHIS and MITRE ATT&CK

Introduction to Pentesting

Available live/virtual and on-demand