Posts by @mikecybersec

Supercharged SecOps Series — Automated Infostealer IOC Triage with Azure Logic Apps & CrowdStrike… (1d ago)
Welcome back to another instalment of the ‘supercharged secops’ blog series. In this blog, I’ll show you how to alert on IOC patterns in…

Managing a DFIR Knowledge Base (May 10)
Inspired by “The Structure and Taxonomy of a Detection Knowledge Base” by Regan (Detect FYI, May 2024) to share this Notion DB focused on…

Supercharged SecOps Series — Forensics Triage with Azure and KQL 🚀 (Sep 15, 2023)
Intro to the Supercharged SecOps series.

Hunting for potentially vulnerable Citrix servers with Shodan — CVE-2023-3519 (Jul 20, 2023)

Starting your ransomware detection journey: Detection Engineering approaches (Mar 6, 2023)
It’s 2023, and ransomware is still the top dog for cyber threats. We’ve seen the recent introductions of data lake technology to SIEM, we’ve…

Scaling your SOC startup with LimaCharlie.io (Aug 19, 2022)
LimaCharlie presents itself as a ‘Security Infrastructure as a Service’ platform. The platform can connect to multiple sources via ‘sensors’…

Splunk Attack Range w/ Docker & AWS (Apr 16, 2021)
“The Attack Range is a detection development platform, which solves three main challenges in detection engineering. First, the user is…”

INE Cyber Security Pass | Review (Jan 30, 2021)
Hopefully a write-up that will help you weigh up your choice with the INE Cyber Security Pass.

Developing Sigma rules with Sysmon and ELK (Jan 14, 2021)
Developing your detection rules with open source!

Microsoft Netlogon Vulnerability — Detection & Remediation (Nov 13, 2020)
CVE-2020-1472