#detection


To Detect or Not to Detect

Guidelines for evaluating effective SOC detections.

· 5min · Joe Lopes

Towards Actionable Detection

Actionable detection for relevant and contextual alerts.

· 4min · Joe Lopes

Project Nebula: Debriefing

Final thoughts and improvements for the Nebula detection lab.

· 7min · Joe Lopes

Project Nebula: Detecting with Elastic

Elastic Stack deployment for log monitoring.

· 13min · Joe Lopes

Project Nebula: Detecting with Wazuh

Setting up Wazuh for log collection and detection rules.

· 9min · Joe Lopes

Project Nebula: Build a Simple Detection Lab

Easy guide to setting up a simple detection engineering lab.

· 7min · Joe Lopes

Practical Threat Detection Engineering

Review of Practical Threat Detection Engineering book.

· 5min · Joe Lopes

Auto-Cleaning Lists in Chronicle SIEM

Automate Chronicle SIEM list cleanup for expired items.

· 9min · Joe Lopes

Endpoint Security Reflections feat. EDR

Comparing EDR with alternative endpoint solutions.

· 8min · Joe Lopes

Integrating MISP with Chronicle SIEM

Integrate CTI and CSIRT automatically and efficiently.

· 15min · Joe Lopes

Debunking Threat Detection Myths

Debunking threat detection myths for improved SecOps.

· 4min · Joe Lopes

Improving SecOps Beyond Tuning Analytics

· 5min · Joe Lopes

The Cuckoo's Egg

A 1980s Infosec thriller with groundbreaking investigations.

· 6min · Joe Lopes

The Threat Detection Fundamental Dilemma

Exploring the precision vs. recall dilemma in threat detection.

· 8min · Joe Lopes

MITRE ATT&CK 101: Bridging the Gap

Guide to MITRE ATT&CK with history and context for better usage.

· 10min · Joe Lopes

Getting Real About MITRE ATT&CK

Understanding MITRE ATT&CK and using it in your favor.

· 4min · Joe Lopes

Insights into Effective SIEM Deployment

Strategies and tips for successful SIEM deployment.

· 8min · Joe Lopes

Understanding Severity and Priority

Find the best settings for consistent detection alerts.

· 3min · Joe Lopes

Intelligence-Driven Incident Response

How integrating CTI enhances Threat Detection and CSIRT.

· 4min · Joe Lopes

Chronicle SIEM: Insights and Challenges Explored

Chronicle features and challenges in Threat Detection.

· 12min · Joe Lopes

Effective Detection Rules for Net and Port Scans

Effective network and port scan detection.

· 7min · Joe Lopes