1 talk mentions this tool across 1 BSides chapter.
Python/PowerShell-based automated alert correlation tool that extracts process lineage from Sysmon/Windows Event Logs, performs multi-layer deobfuscation of Base64 and PowerShell payloads, correlates user actions across logs, and generates enriched investigation reports with HR context integration.