Supercharged SecOps Series — Automated Infostealer IOC Triage with Azure Logic Apps & CrowdStrike… (Nov 19, 2024)
Welcome back to another instalment of the ‘supercharged secops’ blog series. In this blog, I’ll show you how to alert on IOC patterns in…

Managing a DFIR Knowledge Base (May 10, 2024)
Inspired by The Structure and Taxonomy of a Detection Knowledge Base | by Regan | May, 2024 | Detect FYI to share this Notion DB focused on…

Supercharged SecOps Series — Forensics Triage with Azure and KQL 🚀 (Sep 15, 2023)
Intro to the Supercharged SecOps series

Hunting for potentially vulnerable Citrix servers with Shodan — CVE-2023-3519 (Jul 20, 2023)

Starting your ransomware detection journey: Detection Engineering approaches (Mar 6, 2023)
It’s 2023, and ransomware is still the top dog for cyber threats. We’ve seen the recent introductions of data lake technology to SIEM, we’ve…

Scaling your SOC startup with LimaCharlie.io (Aug 19, 2022)
LimaCharlie presents itself as a ‘Security Infrastructure as a Service’ platform. The platform can connect to multiple sources via ‘sensors’…

Splunk Attack Range w/ Docker & AWS (Apr 16, 2021)
“The Attack Range is a detection development platform, which solves three main challenges in detection engineering. First, the user is…

INE Cyber Security Pass | Review (Jan 30, 2021)
Hopefully a write-up that will help you weigh up your choice with the INE Cyber Security Pass.

Developing Sigma rules with Sysmon and ELK (Jan 14, 2021)
Developing your detection rules with open source!