Tag: Threat Detection and Analysis
-
A quick review on SANS SEC 555 course on SIEM with technical analytics
SIEM with Tactical Analytics: A Technical White Paper Introduction: The purpose of this white paper is to provide an overview of the SANS SEC 555 course, “SIEM with Tactical Analytics.” This comprehensive training program is designed to teach security professionals how to implement and effectively use a Security Information and Event Management (SIEM) system. The…
-
Threat modelling for threat detection
Introduction: Security operations centers (SOCs) play a critical role in protecting an organization’s assets and infrastructure. Threat modeling is a critical component of modern security practices and allows SOCs to identify, analyze, and prioritize potential security threats. In this paper, we will focus on the use of the attack tree method and the MITRE Matrix…
-
A quick review on Splunk
time operational intelligence. With its ability to collect, store, and analyze large amounts of machine-generated data, Splunk has become a popular solution for organizations looking to improve their security operations and incident response capabilities. Technical Architecture: Splunk is built on a distributed architecture that allows organizations to easily scale the platform to meet their specific…
-
Security Operations Center Generations
Introduction: A Security Operations Center (SOC) is a centralized team responsible for the management and protection of an organization’s information security. Over the years, the SOC has evolved and undergone several generations of development, each with its own unique set of characteristics, technologies, and processes. This white paper will explore the evolution of the SOC,…
-
A quick review on usage of threat intelligence for threat hunting
Introduction: Threat hunting is a proactive and continuous process of searching for, identifying, and mitigating potential security threats that have bypassed an organization’s preventive security controls. With the rapidly evolving threat landscape, threat hunting has become an essential component of a comprehensive security strategy. Threat intelligence plays a critical role in threat hunting, providing organizations…