#security
Practical Threat Detection Engineering
Review of Practical Threat Detection Engineering book.
Auto-Cleaning Lists in Chronicle SIEM
Automate list maintenance in Chronicle SIEM by removing expired entries.
Endpoint Security Reflections feat. EDR and EDR-like Tools
Exploring the pros and cons of EDR and alternative endpoint solutions.
Integrating MISP with Chronicle SIEM
Streamline the integration between CTI and CSIRT in an automated and efficient way.
Debunking Threat Detection Myths
Challenging myths in threat detection analytics for enhanced security operations.
How to Sign Commits in Git(Hub)
Secure Git commits with cryptography and make your repositories more reliable.
Improving SecOps Beyond Tuning Analytics
The Cuckoo's Egg
A 1980s Infosec thriller with groundbreaking investigations.
The Threat Detection Fundamental Dilemma
Exploring the dilemma in threat detection: Precision vs. Recall for analytics.
A Little Hardening with Burp
How I used Burp to improve this blog's security.
MITRE ATT&CK 101: Bridging the Gap
Guide to MITRE ATT&CK with history and context for better usage.
Testing The Logfile Navigator
Exploring log analysis with lnav tool: challenges, insights, and tips.
Getting Real About MITRE ATT&CK
Understanding MITRE ATT&CK and using it in your favor.
Insights into Effective SIEM Deployment
Strategies and tips for successful SIEM deployment.
Understanding Severity and Priority
Uncover optimal Detection Rule settings for consistent, efficient alerts.
Intelligence-Driven Incident Response
Discover how integrating CTI enhances Threat Detection and CSIRT.
Chronicle SIEM: Insights and Challenges Explored
Features and challenges in a review centered around Threat Detection.
Effective Detection Rules for Net and Port Scans
Effective network and port scan detection.
Hardening Email with DKIM, SPF, DMARC
Learn how to protect your mailboxes from cyber threats.
Export and Decode GAuth 2FA Accounts
How to export and decode GAuth 2FA.
Using AWS Secrets Manager in Your Scripts
Learn to authenticate in tools seamlessly.
Updating Signed Documents with GPG
Update GPG signed documents, from key import to patching files in batch.
Automating Incident Response
Tackling log centralization, SIEM operationalization, and IR automation.
The Importance of Logging Strategy
Streamlined planning and retention practices for better logging.
Friction Between Red Teams and Incident Response
Avoidable friction between cybersecurity teams during Red Team exercises.
Query Security Services for IP Reputation
Query three security services in one shell script to check IP reputation.
Creating a Hardened Testing Environment
Install and harden Arch Linux to create a safer OS for network tests.
Secure and Easy Password and MFA Management
Manage your passwords and MFA tools to maximize security and usability.
AWS Certified Security - Specialty Review
The materials and strategy I used to get this certification.
My Journey to CISSP Certification
My experience getting the CISSP certification.
Linux Hardening with CIS Controls
Applying CIS controls for improving the security of an Arch Linux.
Arch Linux Hardened Installation Guide
Step-by-step guide to perform a hardened Arch Linux installation.
Certificação CompTIA Security+
Relato de como se preparar para a certificação S+ e dicas para estudos.
