This content introduces the integration of Elasticsearch and Kibana in the GEKO stack, supporting Detection as Code. Steps include starting these services, managing detection rules through GitLab, and visualizing data. The guide emphasizes automation, validation, and creating dashboards for security management, encapsulating a modern approach to security engineering.
Category Archives: Docker
Running an Elasticsearch cluster using Docker Compose (Linux).
In this blog I will be installing Elasticsearch on Linux using Docker Compose. Unlike the previous Docker blog, Docker Compose will streamline the setup process by defining and managing multi-container Docker applications, ensuring your Elasticsearch instance is up and running quickly and efficiently. I am using an Ubuntu 24.04 LTS Virtual Machine within VMware for
OpenCTI Threat Intelligence Platform (deployed using Ubuntu and Docker-Compose)
Deploying OpenCTI, a powerful threat intelligence platform, using Docker Compose on an Ubuntu virtual machine is a quick and efficient way to set up a scalable cybersecurity solution. OpenCTI provides analysts with tools to visualise, analyse, and share threat data seamlessly. By leveraging Docker Compose, you can simplify the deployment process, ensuring all necessary services
Running an Elasticsearch cluster using Docker (Windows).
This blog contains a guide on how to deploy a small Elasticsearch cluster for testing and development purposes on a Windows host using Docker.