I will write detection rules for ELK Stack, Azure Sentinel and CrowdStrike
About this Service
Improve your security operations with custom detection rules built for your environment. I specialise in writing threat detection rules for the ELK Stack, Azure Sentinel (KQL) and CrowdStrike, so that threats are identified quickly and incident response can start sooner.
What I provide:
Custom Rule Creation (ELK Stack): detection rules for your ELK stack written in Elastic's query languages (KQL, EQL or Lucene) to identify threats quickly and with few false positives.
Rules for Azure Sentinel (KQL): analytics rules that identify threats in your infrastructure, for example web attacks and critical AWS API calls (logging being disabled, privilege changes, new access keys).
CrowdStrike Custom Rules: custom IOA rules and detection logic for CrowdStrike to increase visibility and detection across your endpoint fleet.
MITRE ATT&CK Mapping: every detection rule is mapped to the MITRE ATT&CK framework so you can see which tactics, techniques and procedures are covered, and where the gaps are.
Automations & Alerting: alerts wired into automated workflows for proactive threat monitoring and response.
Rule Tuning: rules tuned to your environment and infrastructure (allowlists for known automation accounts, thresholds, lookback windows) so that analysts are not buried in noise.
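As an illustration of what a delivered Sentinel rule looks like, here is an added example query (not part of this listing, written for this page) that flags critical AWS CloudTrail API calls, carries its ATT&CK technique mapping inline, and applies a simple tuning allowlist. It assumes the Sentinel AWSCloudTrail data connector is in use; the account ID 123456789012, the role name TerraformDeployRole and the exact list of event names are placeholders to be replaced with values from your environment.

```kql
// Added example: critical AWS API calls with ATT&CK mapping and tuning allowlist.
// Assumes the AWSCloudTrail table populated by the Sentinel AWS connector.
let lookback = 1h;
// Event names to alert on, each mapped to the ATT&CK technique it most often indicates.
// The list is a starting point, not an exhaustive one: extend it for your account.
let critical = datatable(EventName:string, Technique:string)[
    "StopLogging",            "T1562.008",   // Impair Defenses: Disable or Modify Cloud Logs
    "DeleteTrail",            "T1562.008",
    "UpdateTrail",            "T1562.008",
    "PutEventSelectors",      "T1562.008",
    "CreateAccessKey",        "T1098.001",   // Account Manipulation: Additional Cloud Credentials
    "UpdateAssumeRolePolicy", "T1098.003",   // Account Manipulation: Additional Cloud Roles
    "AttachUserPolicy",       "T1098.003",
    "PutUserPolicy",          "T1098.003"
];
// Tuning: known automation principals whose calls are expected (placeholder names).
let allowlist = dynamic(["TerraformDeployRole"]);
AWSCloudTrail
| where TimeGenerated > ago(lookback)
| where isempty(ErrorCode)                       // only calls that actually succeeded
| join kind=inner critical on EventName          // keep only the critical event names
| where not(UserIdentityArn has_any (allowlist)) // drop expected automation activity
| project TimeGenerated, EventName, Technique, UserIdentityArn, UserIdentityType,
          SourceIpAddress, AwsRegion, SessionMfaAuthenticated, RecipientAccountId
| extend AccountCustomEntity = UserIdentityArn, IPCustomEntity = SourceIpAddress
```

In the analytics rule the Technique column is what the MITRE ATT&CK tactic/technique fields and the incident title are populated from, and the allowlist is the first knob that gets adjusted during the tuning phase once the rule has run against real traffic.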
I'll work with you to put reliable detection rules in place and improve your security posture across all three platforms.

