From f8fba29a72a73f62adc39dda4df859a65236039b Mon Sep 17 00:00:00 2001
From: Mike Cohen <scudette@users.noreply.github.com>
Date: Thu, 23 May 2024 17:33:23 +1000
Subject: [PATCH] Fixed image sizing (#32)

---
 docs/index.html                                   |  2 +-
 .../artifact.yaml                                 | 15 ++++++++-------
 .../2024-auscert-detection_engineering/index.html | 15 ++++++++-------
 .../2024-auscert-detection_engineering/index.md   | 15 ++++++++-------
 .../2024-auscert-detection_engineering/index.md   | 15 ++++++++-------
 5 files changed, 33 insertions(+), 29 deletions(-)

diff --git a/docs/index.html b/docs/index.html
index e9078b5..d01b904 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -6516,7 +6516,7 @@ <h1 class="display-5 fw-bold text-body-emphasis">
          <a class="text-reset fw-bold" href="https://rapid7.com/">Rapid7 Inc</a>
        </div>
        <div class="me-4 text-reset">
-         Built on 2024-05-20T04:21:25Z
+         Built on 2024-05-21T20:30:35Z
        </div>
     </section>
   </footer>
diff --git a/docs/presentations/2024-auscert-detection_engineering/artifact.yaml b/docs/presentations/2024-auscert-detection_engineering/artifact.yaml
index 8bcd77c..5f93454 100644
--- a/docs/presentations/2024-auscert-detection_engineering/artifact.yaml
+++ b/docs/presentations/2024-auscert-detection_engineering/artifact.yaml
@@ -14,11 +14,9 @@ sources:
        
        ## Advances in Detection Engineering
        
-       ### Mike Cohen, Digital Paleontologist
+       ### Mike Cohen, Digital Paleontologist, Rapid7
        
        </div>
-       
-       <img src="https://github.com/Velocidex/presentations/blob/master//resources/velo_bike.gif?raw=true" class="fixed" style=" right: 0px;  bottom: 0px; height: 300px; z-index: -10;"/>
    - type: markdown
      template: |
        <!-- .slide: class="content" -->
@@ -41,7 +39,8 @@ sources:
        
        ## Traditional SIEM based detection
        
-       ![](https://github.com/Velocidex/presentations/blob/master/edr_env.png?raw=true)
+       
+       <img src="https://github.com/Velocidex/presentations/blob/master/edr_env.png?raw=true" style=" height: 90hv;"/>
    - type: markdown
      template: |
        <!-- .slide: class="content small-font" -->
@@ -76,7 +75,7 @@ sources:
        
        ## New interchange format - Sigma
        
-       ![](https://github.com/Velocidex/presentations/blob/master/sigma_architecture.png?raw=true)
+       <img src="https://github.com/Velocidex/presentations/blob/master/sigma_architecture.png?raw=true" style=" height: 60vh;"/>
    - type: markdown
      template: |
        <!-- .slide: class="content small-font" -->
@@ -353,7 +352,8 @@ sources:
        
        * Endpoint tools can directly evaluate Sigma rules on the event logs
        
-       ![](https://github.com/Velocidex/presentations/blob/master/velociraptor_sigma_flow.png?raw=true)
+       
+       <img src="https://github.com/Velocidex/presentations/blob/master/velociraptor_sigma_flow.png?raw=true" style=" height: 40vh;"/>
    - type: markdown
      template: |
        <!-- .slide: class="content small-font" -->
@@ -465,7 +465,7 @@ sources:
        
        * VQL is fully asynchronous - real time queries.
        
-       ![](https://github.com/Velocidex/presentations/blob/master/client_events_arch.png?raw=true)
+       <img src="https://github.com/Velocidex/presentations/blob/master/client_events_arch.png?raw=true" style=" height: 50vh;"/>
    - type: markdown
      template: |
        <!-- .slide: class="content" -->
@@ -533,3 +533,4 @@ sources:
        * [Velociraptor Sigma Compiler](https://sigma.velocidex.com/)
        * [Velociraptor Sigma Rules Github](https://github.com/Velocidex/velociraptor-sigma-rules)
        * [Sigma in Velociraptor](https://docs.velociraptor.app/blog/2023/2023-11-15-sigma_in_velociraptor/)
+       * Graphics by Justin Welgemoed @predictiple
diff --git a/docs/presentations/2024-auscert-detection_engineering/index.html b/docs/presentations/2024-auscert-detection_engineering/index.html
index 859b9a5..d9a90d7 100644
--- a/docs/presentations/2024-auscert-detection_engineering/index.html
+++ b/docs/presentations/2024-auscert-detection_engineering/index.html
@@ -30,12 +30,10 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 
 ## Advances in Detection Engineering
 
-### Mike Cohen, Digital Paleontologist
+### Mike Cohen, Digital Paleontologist, Rapid7
 
 </div>
 
-<img src="/resources/velo_bike.gif" class="fixed" style=" right: 0px;  bottom: 0px; height: 300px; z-index: -10;"/>
-
 ---
 
 <!-- .slide: class="content" -->
@@ -59,7 +57,8 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 
 ## Traditional SIEM based detection
 
-![](edr_env.png)
+
+<img src="edr_env.png" style=" height: 90hv;"/>
 
 ---
 
@@ -97,7 +96,7 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 
 ## New interchange format - Sigma
 
-![](sigma_architecture.png)
+<img src="sigma_architecture.png" style=" height: 60vh;"/>
 
 ---
 
@@ -388,7 +387,8 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 
 * Endpoint tools can directly evaluate Sigma rules on the event logs
 
-![](velociraptor_sigma_flow.png)
+
+<img src="velociraptor_sigma_flow.png" style=" height: 40vh;"/>
 
 
 ---
@@ -511,7 +511,7 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 
 * VQL is fully asynchronous - real time queries.
 
-![](client_events_arch.png)
+<img src="client_events_arch.png" style=" height: 50vh;"/>
 
 ---
 
@@ -586,6 +586,7 @@ <h1 style="font-size: 4ex">Detection Engineering</h1>
 * [Velociraptor Sigma Compiler](https://sigma.velocidex.com/)
 * [Velociraptor Sigma Rules Github](https://github.com/Velocidex/velociraptor-sigma-rules)
 * [Sigma in Velociraptor](https://docs.velociraptor.app/blog/2023/2023-11-15-sigma_in_velociraptor/)
+* Graphics by Justin Welgemoed @predictiple
 
 </textarea>
 </section>
diff --git a/docs/presentations/2024-auscert-detection_engineering/index.md b/docs/presentations/2024-auscert-detection_engineering/index.md
index 3b8bf4e..aebda0b 100644
--- a/docs/presentations/2024-auscert-detection_engineering/index.md
+++ b/docs/presentations/2024-auscert-detection_engineering/index.md
@@ -7,12 +7,10 @@
 
 ## Advances in Detection Engineering
 
-### Mike Cohen, Digital Paleontologist
+### Mike Cohen, Digital Paleontologist, Rapid7
 
 </div>
 
-<img src="/resources/velo_bike.gif" class="fixed" style=" right: 0px;  bottom: 0px; height: 300px; z-index: -10;"/>
-
 ---
 
 <!-- .slide: class="content" -->
@@ -36,7 +34,8 @@
 
 ## Traditional SIEM based detection
 
-![](edr_env.png)
+
+<img src="edr_env.png" style=" height: 90hv;"/>
 
 ---
 
@@ -74,7 +73,7 @@ Let's just define a new "Standard":
 
 ## New interchange format - Sigma
 
-![](sigma_architecture.png)
+<img src="sigma_architecture.png" style=" height: 60vh;"/>
 
 ---
 
@@ -365,7 +364,8 @@ detection:
 
 * Endpoint tools can directly evaluate Sigma rules on the event logs
 
-![](velociraptor_sigma_flow.png)
+
+<img src="velociraptor_sigma_flow.png" style=" height: 40vh;"/>
 
 
 ---
@@ -488,7 +488,7 @@ vql_args:
 
 * VQL is fully asynchronous - real time queries.
 
-![](client_events_arch.png)
+<img src="client_events_arch.png" style=" height: 50vh;"/>
 
 ---
 
@@ -563,3 +563,4 @@ vql_args:
 * [Velociraptor Sigma Compiler](https://sigma.velocidex.com/)
 * [Velociraptor Sigma Rules Github](https://github.com/Velocidex/velociraptor-sigma-rules)
 * [Sigma in Velociraptor](https://docs.velociraptor.app/blog/2023/2023-11-15-sigma_in_velociraptor/)
+* Graphics by Justin Welgemoed @predictiple
diff --git a/presentations/2024-auscert-detection_engineering/index.md b/presentations/2024-auscert-detection_engineering/index.md
index 3b8bf4e..aebda0b 100644
--- a/presentations/2024-auscert-detection_engineering/index.md
+++ b/presentations/2024-auscert-detection_engineering/index.md
@@ -7,12 +7,10 @@
 
 ## Advances in Detection Engineering
 
-### Mike Cohen, Digital Paleontologist
+### Mike Cohen, Digital Paleontologist, Rapid7
 
 </div>
 
-<img src="/resources/velo_bike.gif" class="fixed" style=" right: 0px;  bottom: 0px; height: 300px; z-index: -10;"/>
-
 ---
 
 <!-- .slide: class="content" -->
@@ -36,7 +34,8 @@
 
 ## Traditional SIEM based detection
 
-![](edr_env.png)
+
+<img src="edr_env.png" style=" height: 90hv;"/>
 
 ---
 
@@ -74,7 +73,7 @@ Let's just define a new "Standard":
 
 ## New interchange format - Sigma
 
-![](sigma_architecture.png)
+<img src="sigma_architecture.png" style=" height: 60vh;"/>
 
 ---
 
@@ -365,7 +364,8 @@ detection:
 
 * Endpoint tools can directly evaluate Sigma rules on the event logs
 
-![](velociraptor_sigma_flow.png)
+
+<img src="velociraptor_sigma_flow.png" style=" height: 40vh;"/>
 
 
 ---
@@ -488,7 +488,7 @@ vql_args:
 
 * VQL is fully asynchronous - real time queries.
 
-![](client_events_arch.png)
+<img src="client_events_arch.png" style=" height: 50vh;"/>
 
 ---
 
@@ -563,3 +563,4 @@ vql_args:
 * [Velociraptor Sigma Compiler](https://sigma.velocidex.com/)
 * [Velociraptor Sigma Rules Github](https://github.com/Velocidex/velociraptor-sigma-rules)
 * [Sigma in Velociraptor](https://docs.velociraptor.app/blog/2023/2023-11-15-sigma_in_velociraptor/)
+* Graphics by Justin Welgemoed @predictiple