Powered By TEKGENX CONSULTING
A practical course on Threat Detection Engineering using Elastic SIEM/EDR
Views: 3π‘οΈ For Cybersecurity Defensive Operations and IR/Threat Hunting π Authentication Events ποΈ Account Management Events π Object Access Events β Note: Requires enabling object auditing via GPO and SACLs. π§° Privilege Use and Logon Types PRO Tip: Use Logon Type + Event 4624/4625 to spot RDP logins, scheduled tasks, or lateral movement attempts. βοΈ … Read more
Views: 18OpenCTI (Open Cyber Threat Intelligence Platform) is a powerful open-source solution designed to help security teams collect, store, organize, and visualize threat intelligence in a structured way. Whether youβre a SOC analyst, threat hunter, or security researcher, OpenCTI provides a unified environment to centralize CTI data, correlate intelligence from multiple sources, and share it … Read more