Defenders Have to Be Right Every Time. Attackers Only Need to Be Right Once
In cybersecurity, one phrase often captures the endless struggle between defender and attacker: “Defenders have to be right all the time…
6d ago

Threat Detection Bypass in Active Directory: Techniques and Mitigation Strategies
Active Directory (AD) is a cornerstone of modern enterprise IT infrastructure, managing authentication, authorization, and centralized…
Jan 15

Published in InfoSecStories
Powershell logging for Blue Teamers
As a blue teamer, having a robust and comprehensive logging system is essential for effective PowerShell monitoring and detection…
Feb 26, 2024

Sysmon For Linux
Sysmon for Linux is a powerful system monitoring tool designed to give deep insights into the processes and activities occurring in Linux…
Feb 5, 2024

Maximizing SIEM Efficiency: A Guide to Prioritizing Log Sources for Effective SOC Implementation
Security information and event management (SIEM) is an essential part of a strong cybersecurity strategy. It helps organizations detect and…
Sep 12, 2023

Unraveling RDP Events: Understanding Remote Desktop Protocol for Enhanced Security
Within the security operation center, visibility is everything. The security operations team responds swiftly and forcefully to potential…
Jul 28, 2023

Threat Intelligence 101: An Introduction to Cybersecurity’s Frontline Defense
Cybersecurity has historically been inward-looking, focused on identifying what we want to protect and then building defenses around it over time…
Jul 20, 2023

Enhancing Threat Detection with Microsoft Sysmon
Cyber threats are becoming more sophisticated and common these days. These threats have the potential to compromise sensitive data…
Jun 20, 2023

Effective Cybersecurity Strategies: Understanding the Cyber Kill Chain and How SOC Analysts Use It…
In today’s digital age, businesses and organizations are constantly at risk of being targeted by cybercriminals. These malicious actors…
Feb 15, 2023

Security Analyst’s Trinity: MISP Installation
MISP (Malware Information Sharing Platform) is an open-source software platform for collecting, storing, distributing, and sharing…
Jan 13, 2023