Log Analysis: Basics
Understanding Logs in Infrastructure Systems Logs and Their Role Logs are time-sequenced messages recording events within a system, device, or application. Essential for insights into the inner workings of infrastructure…
Threat Intelligence with MISP: Part 1 – Setting up MISP with Docker
Step-by-Step Guide to Install MISP Using Docker on Ubuntu In this guide, we will walk through the steps to install the MISP (Malware Information Sharing Platform) using Docker on an…
Useful Windows Event IDs
Windows System Logs Event ID 1074Â (System Shutdown/Restart): This event log indicates when and why the system was shut down or restarted. By monitoring these events, you can determine if there…
Posted inSOC Analyst BLUE TEAM DETECT
Yara
"The pattern matching swiss knife for malware researchers (and everyone else)" Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR…
Posted inINFOSEC Governance and Regulation NIST
NIST Cybersecurity Framework (CSF) and ISO/IEC 27001
NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 NIST CSF Functions and Categories to ISO/IEC 27001 Annex A Controls Identify (ID) Asset Management (ID.AM): A.8 (Asset Management) Business Environment (ID.BE): A.5…
Digital Operational Resilience Act (DORA)
Understanding the Digital Operational Resilience Act (DORA): A Comprehensive Overview In an era where digitalization permeates every aspect of our lives, the importance of cybersecurity and operational resilience has never…
Windows Event Logs
Understanding Windows Event Logs Each entry in the Windows Event Log is an "Event" and contains the following primary components: Log Name: The name of the event log (e.g., Application,…
Wireshark 101 | Packet Operations
Wireshark: Packet Operations Statistics | Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic,…