Concepts
Declaration of Compromise
Approaching Threat Hunting
Versions
38.0.0
39.0.0
40.0.1 (latest)
Support
Documentation
Concepts
Concepts
Approaching Threat Hunting
Declaration of Compromise
Detection and Event Enrichment Flow
The Most Powerful Capabilities
Stamus Security Platform
Stamus Central Server
Stamus Networks Probe
Security Posture
Compromises
Analytics
Hunting
Hunting Filters
Kibana Dashboards
Feature Request
Administration
Overview
Authentication
SCS settings
Capture Settings
Network Security Monitoring Settings
Declarations of Compromise
Events Filtering
File Extraction
Conditional PCAP logging
Global Configuration
Network Definitions
Probe Registration
Probe Templates
Stamus Loggers
Run Your Own Defense (RYOD)
Sources & Rulesets
Splunk
Suricata Sensors
Threat Intelligence
Webhooks
Architectures
Single Tenant
Multiple Tenants
Cloud Architectures
Deployment Guidelines
Maintenance
Licensing
Preparing the Installation
Installing Stamus Central Server
Stamus Network Appliances
USB Installation
Backup & Restore
Systems Upgrade
Troubleshooting
Monitoring
Releases Notes
Stamus Support
Developer Corner
REST API
SOAR Integration Examples
Python SDK
Data Structure
JSON Data Format
Community
SELKS
GopherCap
Let’s Chat!
Warning:
You are viewing an older version of this documentation. Most recent is here:
40.0.1
Concepts
¶
Approaching Threat Hunting
Building your Cyber Defense with SCS
Context Understanding
Active Hunting
Serious & Imminent Threats
Policies Overview
Use Cases
Creating a Policy
Exporting/Importing a Policy and Filtersets
Policy Actions
Best Practices
Declaration of Compromise
Detection Engines
Indicators of Compromise (IoC)
Declaration of Compromise (DoC)
Detection and Event Enrichment Flow
The Most Powerful Capabilities
Combining the Best of Capabilities