Gianni
@kustoking.com
Reposted by Gianni
#DFIR and #ThreatHunting friends - the technical detail in this blog is pure gold for hunting and writing detections - even if you don't count TA397 high in your threat model, the techniques they use are not unique and the detections still apply: www.proofpoint.com/us/blog/thre...
December 17, 2024 at 5:21 PM
#DFIR and #ThreatHunting friends - the technical detail in this blog is pure gold for hunting and writing detections - even if you don't count TA397 high in your threat model, the techniques they use are not unique and the detections still apply: www.proofpoint.com/us/blog/thre...
Reposted by Gianni
Join @olafhartong.nl in his journey down the rabbit hole in search of new detection opportunities in the #Zeek telemetry embedded in Microsoft's EDR #MDE! Detection engineering is sometimes hard … 😎
falconforce.nl/detection-en...
#detectionengineering #kql #blueteam
falconforce.nl/detection-en...
#detectionengineering #kql #blueteam
December 16, 2024 at 2:40 PM
Join @olafhartong.nl in his journey down the rabbit hole in search of new detection opportunities in the #Zeek telemetry embedded in Microsoft's EDR #MDE! Detection engineering is sometimes hard … 😎
falconforce.nl/detection-en...
#detectionengineering #kql #blueteam
falconforce.nl/detection-en...
#detectionengineering #kql #blueteam
Reposted by Gianni
www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.
#infosec #cybersecurity #cyber #Detection
#infosec #cybersecurity #cyber #Detection
Elastic releases the Detection Engineering Behavior Maturity Model — Elastic Security Labs
Using this maturity model, security teams can make structured, measurable, and iteritive improvements to their detection engineering teams..
www.elastic.co
November 29, 2024 at 8:50 PM
www.elastic.co/security-lab... - great read on maturity model for Detection Engineering.
#infosec #cybersecurity #cyber #Detection
#infosec #cybersecurity #cyber #Detection