BLUE TEAM – Page 3 – NetwerkLABS

Yara

"The pattern matching swiss knife for malware researchers (and everyone else)" Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR…

Bharath Narayanasamy

INFOSEC Governance and Regulation NIST

NIST Cybersecurity Framework (CSF) and ISO/IEC 27001

NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 NIST CSF Functions and Categories to ISO/IEC 27001 Annex A Controls Identify (ID) Asset Management (ID.AM): A.8 (Asset Management) Business Environment (ID.BE): A.5…

Bharath Narayanasamy

Risk Management INFOSEC Governance and Regulation

Digital Operational Resilience Act (DORA)

Understanding the Digital Operational Resilience Act (DORA): A Comprehensive Overview In an era where digitalization permeates every aspect of our lives, the importance of cybersecurity and operational resilience has never…

Bharath Narayanasamy

DETECT wazuh

Wazuh: Detecting Web Attacks

Bharath Narayanasamy

wazuh DETECT

Ingesting OPNsense logs into Wazuh SIEM

Bharath Narayanasamy

Threat Detection and Incident Response Intrusion Detection and Response

Code Obfuscation and Deobfuscation

Code Obfuscation is a technique used to make a script more difficult to read by humans but allows it to function the same from a technical point of view, though…

Bharath Narayanasamy

DFIR VulnLAB Threat Detection and Incident Response

Incident Response

Incident response, also known as incident handling, is a cyber security function that uses various methodologies, tools and techniques to detect and manage adversarial attacks while minimizing impact, recovery time…

Bharath Narayanasamy

BLUE TEAM

Pyramid of Pain

Bharath Narayanasamy

Threat Detection and Incident Response DETECT SOC Analyst

Windows Event Logs

Understanding Windows Event Logs Each entry in the Windows Event Log is an "Event" and contains the following primary components: Log Name: The name of the event log (e.g., Application,…

Bharath Narayanasamy

VulnLAB Threat Detection and Incident Response DETECT

Wireshark 101 | Packet Operations

Wireshark: Packet Operations Statistics | Summary This menu provides multiple statistics options ready to investigate to help users see the big picture in terms of the scope of the traffic,…

Bharath Narayanasamy