In today’s threat landscape, more and more threats like fileless malware and ransomware leverage PowerShell during the exploitation stage. In this post I have written up some of the best ways… Read more How to monitor and detect malicious PowerShell scripts? →
The ROI of your SIEM (Security Information and Event Management) depends on how effectively you tune it. Data sources like firewalls, AD servers, and file servers generate millions of logs every day. Without… Read more How to reduce noise in your SIEM? →
When I receive a request to monitor critical events from a vendor, it becomes a cumbersome task to gather information about the vendor, the log schema, and the event types. This information… Read more Events of Interest to monitor in Cisco ASA Firewall/IPS →