Updated Articles

  1. The DefenseStorm Virtual Machine

    Information on how to install, upgrade, and configure your DVM.
  2. Suspicious Event in Dashboard

    How to analyze a potentially threatening event.
  3. Integrations

    AWS: DefenseStorm integrates with AWS through CloudTrail, ELB, and S3 log integration. See the instructions in this article on how to set up communication between DefenseStorm and AWS, depending on the Amazon Web Service. ...
  4. Events

    How to search through Events efficiently, and create incidents, triggers, data restrictions, and classifiers from the Events page.
  5. TRAC Team

    Who is TRAC, what services do they offer, what can they not offer, and how to contact them.
  6. DVM TroubleShooting

    This playbook provides detailed instructions for common DVM troubleshooting resolutions. Knowing what to do when your system displays certain symptoms could greatly reduce data loss. First Step: As soon as your DVM goes down - contact Defense...
  7. Assets

    How to import, merge, export, and manage assets.
  8. Triggers

    How to create, modify, and search triggers.
  9. SQL Audit Logging

    Overview: This article explains how to successfully ingest SQL Server events (at both the server and database level) to the DefenseStorm GRID. This provides users with applicable technical controls for monitoring activity on mission critical datas...
  10. Installing Security Onion w/ BRO

    Overview: What is Security Onion? Security Onion (SO) is a Linux distribution for intrusion detection, network security monitoring, and log management. It's based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xpli...