Updated Articles

  1. SQL Audit Logging

    Overview This article explains how to successfully ingest SQL Server events (at both the server and database level) to the DefenseStorm GRID. This provides users with applicable technical controls for monitoring activity on mission-critical datas...
  2. Installing Security Onion w/ BRO

    Overview What is Security Onion? Security Onion (SO) is a Linux distribution for intrusion detection, network security monitoring, and log management. It’s based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert, ELSA, Xpli...
  3. GRID Users

    Creating a new user in the web console is quick and easy.
  4. Collecting Logs and Events from Windows Machines

    Explains how to get Windows events from your Windows machines into DefenseStorm.
  5. Download Links

    DefenseStorm Virtual Machine When upgrading to DVM version 1.2.0, there is no upgrade path; a new image must be spun up and the old one shut down. Open a Connect Ticket for instructions and assistance. VMware (OVA File) v1.2.0 Microsoft Hype...
  6. DVM TroubleShooting

    This playbook provides detailed instructions for common DVM troubleshooting resolutions. Knowing what to do when your system displays certain symptoms could greatly reduce data loss.  First Step As soon as your DVM goes down - contact Defense...
  7. The DefenseStorm Virtual Machine

    Information on how to install, upgrade, and configure your DVM.
  8. FAQ's

    Common questions answered simply.
  9. Alert Inbox Playbook

    Overview The plays and procedures in this playbook give you insight into how the DefenseStorm TRAC Team monitors your alerts. You can also perform these plays on any triggers created internally by your team. *Please leave all TR...
  10. Alert Inbox

    How to efficiently utilize the Alert Inbox and its options.