threat_detection
Threat Intelligence for SOC
Views: 46Threat Intelligence is the analysis of data and information using tools and techniques to generate meaningful patterns to mitigate against potential risks associated with existing or emerging threats targeting organisations, industries, sectors or governments. There are different classifications of Threat Intelligence, and the primary types of it are: Threat Intelligence Producers Threat Intelligence Producers … Read more
Detection Engineering vs Threat Hunting
Views: 23DETECTION ENGINEERING: REINFORCING THE KNOWN Threat detection is the process of identifying threats in an organization that is actively trying to attack the endpoints, networks, devices and systems. Unlike threat hunting, a threat detection is a reactive approach: threat mitigation mechanisms activate only when the organization’s security system receives alerts on potential security breaches. … Read more
Netminer
Views: 22NetworkMiner Capability Description Traffic sniffing It can intercept the traffic, sniff it, and collect and log packets that pass through the network. Parsing PCAP files It can parse pcap files and show the content of the packets in detail. Protocol analysis It can identify the used protocols from the parsed pcap file. OS fingerprinting It can identify … Read more
Introduction to Network Forensics
Views: 20Source: Tryhackme Networkminer room Introduction to Network Forensics Network Forensics is a specific subdomain of the Forensics domain, and it focuses on network traffic investigation. Network Forensics discipline covers the work done to access information transmitted by listening and investigating live and recorded traffic, gathering evidence/artefacts and understanding potential problems. The investigation tries to … Read more