SOC Analyst

How to Become a SOC Analyst: in 2022

The main task of the cybersecurity analyst is to analyze the threats faced by the organization’s network. It is also referred to as SOC analyst in some sources, so you can think of the security analyst on the rest of the article where you see SOC Analyst. What is a SOC Analyst? SOC Analysts areRead More

Attacking Detection News

How to Create Home Lab for Log4j Exploit

Log4j RCE vulnerability is a popular vulnerability that everyone has probably heard of recently. For those wondering how the exploit of this vulnerability works and for those who want to test in a home environment, we will show you how to quickly set up a vulnerable lab for blue team members. Not much technical detailsRead More


Incident Response Edition – Documentation

  What is “Incident Response Edition”? Incident Response Edition is a training package with plenty of practical opportunities prepared for those who want to pursue a career in the field of incident response and those who want to improve their current skills. How Should I Use It? You can progress in the most efficient wayRead More

Detection News

New Incident Responder Plan

In 2021 Cyber Monday, we will implement our Incident Responder module, where security analysts can add the necessary technical and practical knowledge to guide the steps towards becoming an incident responder, and where incident responders can improve themselves and sharpen their skills on current threats. We understand better that there is no 100% security byRead More


Introduction to Event Log Analysis

Introduction to Event Log Event Log During an investigation, Event Logs are tracked because they have a comprehensive form of activities. The “Event Viewer” tool can be used to simply examine the logs. It is often possible to obtain the following evidence with event log analysis:-Service start, stop-RDP activity-Changing user privileges-Failed login activities These actionsRead More

Detection Malware

How Hackers Create Bitcoin Mining Network?

In this article, we will talk about the hackers who set up a Bitcoin mining network. We created a fake e-commerce website in hopes of seeing an interesting situation. Then,  we wrote a C # application that will send me the applications, processes and software installed on the device as an e-mail, when it isRead More


Zero Trust, The Model We Need

With the pandemic period, the importance of carrying out daily work over the Internet increases and money flow is now through virtual systems. Considering this situation as an opportunity, cyber threat actors are constantly carrying out cyber attacks that are more complex, harder to detect and resulting in large financial/reputation losses. We are getting theRead More

Attacking Detection

How to Build Your Own Cybersecurity Test Lab?

There are 3 main requirements to create a cyber security lab environment. These are: Test environment Attack simulation Detection tools In this article, we have listed free tools / resources that you can use to create your own lab environment. Additionally, if you are looking for a blue team online lab, you can visit letsdefend.ioRead More

Detection SIEM

How to Create Alert for SIEM?

We have collected, processed and stored logs up to this point. Now, we need to detect abnormal behavior using the data we have and generate alerts. If you did not read old posts, you can check it: How to Collect Log for SIEM? SIEM Log Aggregation and Parsing You can find some alerts and tryRead More


SIEM Log Aggregation and Parsing

The first place where the generated logs are sent is the log aggregator. We can edit the logs coming here before sending them to the destination. For example, if we want to get only status codes from a web server logs, we can filter among the incoming logs and send only the desired parts toRead More