Cybersecurity is a rapidly growing field, as the amount of data and technology being used in the world continues to increase. One way to break into the field is through a cybersecurity bootcamp. These bootcamps are short-term, intensive training programs that aim to teach the essential skills needed to start a career in cybersecurity. ThereRead More
Blue Team team members use some blue team tools while dealing with the alerts/incidents they have worked on. A few of these tools are the subject of this blog post. Below are descriptions and images of these tools: Procmon Procmon(Process Monitor) tool is a useful tool that provides real-time information by monitoring the activities ofRead More
Everyone agrees that there are difficulties in finding qualified people for the SOC environment. As a result of our research, there are some reports published on this subject, and according to these reports, the important causes of the problem are burnout, overwork, and a stressful working environment. When the remote working model, which has becomeRead More
SOC analysts need a lot of theoretical and practical knowledge when detecting threats in their work routines. One of the best sources they can obtain this information is books. We will talk about 3 different books in this article: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software Blue Team Field Manual (BTFM) AppliedRead More
The network is a path to target systems for attackers. This path is divided into 2 sections: Paths inside the organization and the interface that faces outside the organization. Network connections between the devices facing the external interface of the institution and network connections of the devices within the institution are critical for attack detectionRead More
SOC analysts obtain information on operating systems and analyze these logs in order to detect an attack and reveal the details about the attack. In this article, we will discuss which operating systems are encountered by SOC analysts and the logs that can be examined through these systems. Operating System Fundamentals for the Analyst WhenRead More
Proofpoint security researchers state that cyber attack groups have adopted a new technique called “RTF Template Injection” and reported that this technique has a low detection rate. It is also included in the report that phishing attacks were carried out on many institutions with the help of RTF Template Injection technique in 2021 by cyberRead More
Log4j RCE vulnerability is a popular vulnerability that everyone has probably heard of recently. For those wondering how the exploit of this vulnerability works and for those who want to test in a home environment, we will show you how to quickly set up a vulnerable lab for blue team members. Not much technical detailsRead More
In 2021 Cyber Monday, we will implement our Incident Responder module, where security analysts can add the necessary technical and practical knowledge to guide the steps towards becoming an incident responder, and where incident responders can improve themselves and sharpen their skills on current threats. We understand better that there is no 100% security byRead More
Introduction to Event Log Event Log During an investigation, Event Logs are tracked because they have a comprehensive form of activities. The “Event Viewer” tool can be used to simply examine the logs. It is often possible to obtain the following evidence with event log analysis:-Service start, stop-RDP activity-Changing user privileges-Failed login activities These actionsRead More