- Threat Detection: Detecting a Webserver Attack
- Threat Intelligence for SOC
- Detection Engineering vs Threat Hunting
- Yara 101
- Threat Intelligence Tools – Abuse.ch
- Threat Intelligence Tools – URLScan.io
- Custom detection rule with the MITRE ATT&CK framework in Splunk
- Investigate SQLi attacks using Splunk
- Splunk: Search Processing Language (SPL) Basics
- Practical Threat Hunting using Elastic SIEM: Hunting for Stuxbot
- MITRE Framework
- SOC Tools and Useful Links
- ELASTIC SIEM: Kibana Query Language (KQL)
- SOC Home LAB: Elastic SIEM Installation
- MISP (Malware Information Sharing Platform)
- MITRE ATT&CK Navigator: https://mitre-attack.github.io/attack-navigator
- MITRE D3FEND
- MITRE ENGAGE
- ATT&CK Emulation Plans
- Center of Threat-Informed Defense (CTID)