Blog
- Optimizing Threat Detection Through Effective Log Source Management - 05 November 2024
- Building a Detection Engineering Strategy Aligned with Your Organization’s Security Goals - 29 August 2024
- Measuring the Effectiveness of Your Detection Rules and Continuously Optimizing Your Detection Engineering Process - 27 August 2024
- Integrating Threat Intelligence into Detection Engineering - 26 August 2024
- Automating the Deployment and Management of Detection Rules Using CI/CD Pipelines - 23 August 2024
- Handling False Positives and False Negatives in Detection Rules - 22 August 2024
- Creating a Detection - 20 August 2024
- Detection Engineering and Detection as Code - 19 August 2024
- Automated Exfiltration - 07 June 2024
- Exfiltration Over C2 Channel - 05 June 2024
- Email Collection - 04 June 2024
- Exfiltration Over Alternative Protocol - 03 June 2024
- Data from Network Shared Drive - 03 June 2024
- Data from Local System - 31 May 2024
- Exploitation of Remote Services - 29 May 2024
- Windows Admin Shares - 28 May 2024
- Remote Services - 24 May 2024
- Network Share Discovery - 23 May 2024
- System Information Discovery - 22 May 2024
- Account Discovery - 21 May 2024
- Unsecured Credentials - 17 May 2024
- Brute Force - 16 May 2024
- OS Credential Dumping - 13 May 2024
- Disabling Security Tools - 08 May 2024
- Obfuscated Files or Information - 18 April 2024
- Masquerading - 17 April 2024
- Bypass User Account Control - 16 April 2024
- Process Injection - 15 April 2024
- Exploitation for Privilege Escalation - 11 April 2024
- Scheduled Task/Job - 10 April 2024
- Server Software Component - 09 April 2024
- Valid Accounts - 03 April 2024
- Command and Scripting Interpreters - 02 April 2024
- Windows Command Shell - 01 April 2024
- PowerShell - 29 March 2024
- Trusted Relationships - 28 March 2024
- Exploiting Public Facing Applications - 27 March 2024
- Phishing - 26 March 2024
- Most Common MITRE ATT&CK Techniques - 25 March 2024
- The Art of Determining Cybersecurity Risk - 26 February 2024
- Incorporating ChatGPT and Other Language Models - 03 November 2023
- Responding to SIEM Alerts - 17 October 2023
- Threat Intelligence Feeds - 09 October 2023
- Unlocking the Power of OSINT: A Comprehensive Guide - 14 September 2023
- Fortifying Your Business: A Comprehensive Guide to Ransomware Protection - 11 August 2023
- Harnessing the Strength of Open Source Threat Intelligence - 10 August 2023
- Harnessing the Power of Threat Intelligence Platforms: A Technical Guide to Staying Ahead in Cybersecurity - 07 August 2023
- Staying Ahead of the Latest Cyber Threats - 04 August 2023
- Docker Security: Safeguarding Containers in the Cyber World - 28 June 2023
- Auditd: Unleashing the Power of System Auditing for Enhanced Cybersecurity - 27 June 2023
- Fortifying Your Network: Strategies for Enhancing Network Security - 26 June 2023
- Investigating SIEM Alerts for Windows Systems - 22 June 2023
- Investigating SIEM Alerts on Linux Hosts: Unveiling the Truth in Log Files - 21 June 2023
- Using Python to Analyze Files For Malware - 18 May 2023
- What to Start Automating - 17 May 2023
- Automation in Security - 16 May 2023
- Machine Learning in Threat Hunting - 20 April 2023
- Identifying Anomalies - 19 April 2023
- Fundamental Basics of Threat Hunting - 18 April 2023
- TLS Attacks - 14 April 2023
- TLS Connections - 13 April 2023
- Log Analysis - 31 March 2023
- Exploit Kits - 30 March 2023
- Fileless Attacks - 29 March 2023
- Deepening your knowledge - 28 March 2023
- Study Techniques - 27 March 2023
- Important Windows Logs - 24 March 2023
- Learning Windows Logs - 23 March 2023
- Elastic SIEM vs Wazuh - 22 March 2023
- Open Source Tools for Home Lab - 21 March 2023
- Setting up a Home Lab - 20 March 2023
- OS Credential Dumping: LSASS Memory Dump - 20 March 2023
- Sharing Threat Intelligence Reports - 17 March 2023
- Where to Get Threat Intelligence Reports - 16 March 2023
- Threat Intelligence Reports - 15 March 2023
- Learn TTPs - 14 March 2023
- Learn Threat Hunting - 13 March 2023
- Threat Hunting - 07 March 2023
- IOCs - 30 December 2022
- STIX - 29 December 2022
- OSINT - 28 December 2022
- Incident Response - 27 December 2022
- Incident Response - 23 December 2022
- Ansible - 22 December 2022
- SIGMA Rules - 21 December 2022
- Yara Rules - 20 December 2022
- Server Side Request Forgery - 19 December 2022
- Buffer Overflow - 16 December 2022
- SQL Injection - 15 December 2022
- Protecting Against Ransomware - 14 December 2022
- Ransomware - 13 December 2022
- Tuning SIEM Alerts - 12 December 2022
- Vulnerability Management - 09 December 2022
- SIEM - 08 December 2022
- Purple Team - 07 December 2022
- Red Team - 06 December 2022
- Blue Teams - 05 December 2022