Repository with Sample threat hunting notebooks on Security Event Log Data Sources
Demo files associated with "Threat Hunting with Notebook technologies", presented at the SecureWorld conference in Seattle, WA
https://events.secureworldexpo.com/agenda/seattle-wa-2018/
Presentation: https://www.slideshare.net/ashwin_patil/threat-hunting-using-notebook-technologies
GitHub's Jupyter notebook viewer does not render these notebooks well; use online services such as nbviewer, mybinder, or free computer to view and interact with the notebooks by providing the GitHub notebook/repo URL.
Basic Data Analysis and Visualization on Failed Logon Data :: nbviewer
Time series anomaly detection on successful logon data using anomalize package :: nbviewer
Threat Hunting with IP addresses from logs :: nbviewer
Open Source Threat Intel Lookup using requests :: nbviewer
Anomaly detection and visualization using Time Series Decomposition :: nbviewer
Analyzing billions of passwords from the Breach Compilation dataset :: nbviewer