Exploring Boss of the SOC v1 – Scenario 1 – Ransomware
Question 200 What was the most likely IPv4 address of we8105desk on 24AUG2016? We have the name of the computer, and the time interval of interest so we can craft…
Threat Hunting
Exploring Boss of the SOC v1 – Scenario 1 – Web Defacement
Various datasets online can help with practicing threat hunting. The Boss of the SOC dataset v1, released by Splunk is one of them. So I deployed a Splunk instance on…
Exploring Threat Hunting
Here are some quick notes I compiled as I was learning and experiencing with threat hunting Broad definition Threat hunting is a methodology in which the defenders assume the system/network…