Includes index

Foundations of secure data engineering. Data engineering basics -- Network encryption -- Source and configuration management -- Log extraction and management. Endpoint and network data -- Windows logs -- Integrating and storing data -- Working with syslogdata -- Data transformation and standardization. Data manipulation pipelines -- Transformation filters -- Data centralization, automation, and enrichment. Centralizing security data -- Automating tool configurations -- Ansible tasks and playbooks -- Caching threat intelligence data

"This book covers the process of gathering, transforming, and storing data so cybersecurity analysts can effectively protect their organizations. Readers will learn how to use free and open source tools to collect data from workstations, servers, and appliances. They will learn the importance of standardizing the data, how to privatize or redact parts of it, how to use encryption to protect the data, and how to manage configuration versions using Git. They will also learn strategies for "enriching" data,such as adding usernames gathered from one data source to another one to make incident detection faster"-- Provided by publisher