Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/126629
Title: Detección de anomalías con Elastic Stack
Author: Farinango Endara, Henry Patricio
Tutor: Flores Terrón, Miguel Ángel
Others: Garcia-Font, Victor  
Abstract: Dependence on technology leads companies nowadays to implement security at multiple levels, in order to keep threats against information security from critically affecting their internal resources. In this Master's thesis, a security solution based on the 'all-in-one' architecture of Wazuh and Elastic Stack is implemented as a laboratory, in order to carry out proofs of concept for detecting anomalies that occur on the devices of a LAN, in this case specifically on servers located in a DMZ, which make up the Wazuh agents. In this way, security is handled proactively: by collecting logs in real time, the system generates alerts on attempted attacks and executes Active Response, an action that mitigates the detected incident. This project promotes open-source software solutions, validating that this is a complete business security solution in the context of log data analysis for securing hosts on the internal business network. It is concluded that the solution is ideal for business environments of any kind, and even more so for small environments such as the simulated one, and that automating responses to security incidents is a strong alternative in the field of information technology.
Keywords: business security; elastic stack; wazuh
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 29-Dec-2020
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections: Trabajos finales de carrera, trabajos de investigación, etc.

Files in This Item:
File: hfarinangoTFM1220memoria.pdf
Description: Master's thesis (TFM) report
Size: 2,51 MB
Format: Adobe PDF