Detecting Threats with Graylog Pipelines - Part 3
Leverage Graylog to detect threats within your environment.…
In my previous post, I explained the fundamental purpose and use cases of pipelines in Graylog – now let's move on to some more advanced topics. Once you have normalized your data in an early-stage pipeline, you can craft enrichment pipelines that can expect predictable field names for standard…
If you are here hoping to learn more about using Graylog for the purpose of monitoring the security posture of your organization, strap in – it's about to get real. In this series of posts, I will share how we have historically leveraged Graylog's Pipeline capability to implement various threat detection…
We have completed thousands of hours training teams and the primary factor which distinguishes good teams from great teams is how they train.…
A discussion on some of the underlying software and development processes that are reported to have been involved in the initial compromise in the SUNBURST attack.…
Whether you're on the Defensive or Offensive side of security, it's important to understand how common attack tools look in an environment. As someone defending a network, the use of proper logging can help prevent visibility gaps. You could have the best perimeter detections that are available, but without visibility…
The Recon team is excited to announce the launch of SOC X, the Professional SOC Team World Championship! The inaugural event will be on March 4, 2021.…
The Recon team is thrilled to announce our newest offering, NDR Live Online! NDR Live Online gives organizations the opportunity to develop individual analysts and teams with remotely-delivered, live-fire, scenario-based, experiential training throughout the year.…
Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and endpoint management. It currently supports Windows, Linux, and Mac endpoints, and BONUS: it's open source! We use it extensively, and we have also embedded it into our NDR Training! If you are unfamiliar: Source:…
Create a MITRE ATT&CK Navigator Map of an Adversary Emulation Plan…