#dfir

To Detect or Not to Detect
Guidelines for evaluating effective SOC detections.
5min · Joe Lopes

Towards Actionable Detection
Actionable detection for relevant and contextual alerts.
4min · Joe Lopes

Practical Threat Detection Engineering
Review of the Practical Threat Detection Engineering book.
5min · Joe Lopes

Improving SecOps Beyond Tuning Analytics
5min · Joe Lopes

The Cuckoo's Egg
A 1980s infosec thriller with groundbreaking investigations.
6min · Joe Lopes

The Threat Detection Fundamental Dilemma
Exploring the precision vs. recall dilemma in threat detection.
8min · Joe Lopes

Testing The Logfile Navigator
Log analysis with lnav: challenges, insights, and tips.
6min · Joe Lopes

Insights into Effective SIEM Deployment
Strategies and tips for successful SIEM deployment.
8min · Joe Lopes

Understanding Severity and Priority
Find the best settings for consistent detection alerts.
3min · Joe Lopes

Intelligence-Driven Incident Response
How integrating CTI enhances threat detection and the CSIRT.
4min · Joe Lopes

Automating Incident Response
Tackling log centralization, SIEM, and IR automation.
9min · Joe Lopes

Friction Between Red Teams and Incident Response
Reducing friction in Red Team cybersecurity exercises.
7min · Joe Lopes

Query Security Services for IP Reputation
Query three security services for IP reputation in one script.
4min · Joe Lopes