threat-hunting-with-notebooks

Demo files associated with "Threat Hunting with Notebook technologies" presented at Secureworld conferernce in Seattle, WA
https://events.secureworldexpo.com/agenda/seattle-wa-2018/

Presentation: https://www.slideshare.net/ashwin_patil/threat-hunting-using-notebook-technologies

Github jupyter notebook viewer does not parse well, use online services such as nbviewer, mybinder, free computer to view and interact with notebooksby providing github notebook/repo URL.

Launch Binder

Threat Hunting Example Notebooks

Basic Data Analysis and Visualization on Failed Logon Data :: nbviewer

• Data Source : Azure Data Explorer
• Language: Python

Time series anomaly detection on successful logon data using anomalize package :: nbviewer

• Data Source : Azure Data Lake
• Language: R

Threat Hunting with ip address from logs :: nbviewer

• Data Source : csv file with 4688 along with command line logs
• Language: Python

Open Source Threat Intel Lookup using requests :: nbviewer

• Language: Python

Anomaly detection and visualization using Time Series Decomposition :: nbviewer

• Language: Python

Analyzing billions of passwords from Breach compilation dataset :: nbviewer

• Data Source : Multiple txt and csv file in data folder
• Language: Python