Category: Blog post
-
A quick review on usage of threat intelligence for threat hunting
Introduction: Threat hunting is a proactive and continuous process of searching for, identifying, and mitigating potential security threats that have bypassed an organization’s preventive security controls. With the rapidly evolving threat landscape, threat hunting has become an essential component of a comprehensive security strategy. Threat intelligence plays a critical role in threat hunting, providing organizations…
-
Using a Threat Intelligence Platform for successful threat detection and useful correlation in SIEM
Introduction: Threat intelligence is a critical component of modern cyber security, providing organizations with the information they need to detect and respond to emerging threats. One of the most effective ways to leverage threat intelligence is through the use of a Threat Intelligence Platform (TIP), which can provide organizations with the ability to detect, track,…
-
A quick review on Linux lateral movement tactics and techniques
Introduction: Linux lateral movement is a tactic used by attackers to move laterally within a network after they have gained initial access. The goal of lateral movement is to gain access to sensitive information and to escalate their privileges in order to achieve their ultimate objective, such as data exfiltration or complete compromise of the…
-
Review on Windows lateral movement tactics and techniques
Introduction: Windows lateral movement is a tactic used by attackers to move laterally within a network after they have gained initial access. The goal of lateral movement is to gain access to sensitive information, such as sensitive files and data, and to escalate their privileges in order to achieve their ultimate objective, such as data…
-
Mapping NIST CSF to Incident response process
Introduction: The National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) provides organizations with a set of guidelines for improving their cybersecurity posture. The NIST CSF is a valuable resource for organizations looking to better understand and manage the risks associated with their assets, systems, and data. Incident response is the process of detecting,…
-
Threat intelligence
Introduction: Threat intelligence is the process of collecting, analyzing, and using information about current and potential threats to an organization’s assets, systems, and data. Threat intelligence is a critical component of a comprehensive cybersecurity program, as it provides organizations with the information they need to understand and respond to the evolving threat landscape. Background: The…
-
A quick review on the MITRE ATT&CK matrix
Introduction: The MITRE ATT&CK matrix is a comprehensive and well-documented framework that provides organizations with a comprehensive understanding of the tactics, techniques, and procedures used by cyber attackers. The matrix is a valuable resource for organizations to use as a starting point for developing their threat intelligence and for improving their cybersecurity posture. Background: The…
-
A quick review on NIST CSF
The NIST Cybersecurity Framework (CSF) is a risk management framework developed by the National Institute of Standards and Technology (NIST) to help organizations manage and reduce cybersecurity risk. The framework provides a common language for understanding, managing, and communicating cybersecurity risk and provides a structure for organizations to develop and implement cybersecurity programs. The NIST…