Today, one of the attackers’ most widely used techniques is the Fileless Malware. Fileless Malware refers to malware that does not use a specific code or binary on the disk to execute and does not execute certain content on the disk, which is malicious code related to the attacker’s malware. Fileless Malware can take many […]
In this article, we will introduce 15 widely used tools in Blue Team (Blue Team). These tools are among the most important and most commonly used tools in the area of Blue Team, which are provided for free and open-source, and you can use You do. From the need to pay. Tool 1 – TheHive […]
Managed Detection and Response (MDR) is one of the security processes organizations use that outsource their data and resources security. In a more straightforward sense, organizations to protect themselves and their data and detect and monitor threats within the organization instead of making a security operations center, hiring and creating a security team/incidents response team/threat […]
In this post I will talk about how to send Sysmon to Splunk. One of the most popular security products is Splunk, which is mainly used to identify threats and analyze events. In this part of the Sysmon 101 course, we will talk about how to send a Sysmon log to Splunk. Send Sysmon Log […]
In the third part of Sysmon 101 training course, we are going to talk about the events that are used in Sysmon to hunt for threats.Part 1: What Is Threat Hunting?Part 2: What Is Sysmon? And How To Install Sysmon Event ID 1: Process Creation Process creation events give us a variety of information about […]
The Sysmon tool is part of the Sysinternals software suite provided by Microsoft. The Sysmon tool allows us to analyze, and monitor Windows system events and logs. Through Sysmon, we can analyze and investigate system events and use them to identify threats and respond to incidents … This software has become one of the most […]
Elissa Garlin
Think of a news blog that’s filled with content hourly on the day of going live.