4d ago · 9 min read · I'm not a SOC analyst yet. I'm a Master of Cybersecurity student at RMIT, transitioning from a four-year career on a Korean securities trading desk where I owned the FIX-protocol connections to overse
May 7 · 6 min read · Elastic SIEM and KQL: The Open-Source Alternative to Splunk Splunk is powerful but expensive. Elastic Stack (formerly ELK) is the open-source alternative most teams eventually encounter. This post covers the Elastic architecture, ECS (Elastic Common ...
May 4 · 6 min read · Splunk for Blue Team: SPL Queries and Investigation Patterns Splunk is the most common SIEM you'll encounter in a SOC. If you're doing blue team work, you need to be comfortable with SPL (Splunk Processing Language). This post covers the architecture...
Apr 30 · 8 min read · Memory Forensics with Volatility: Finding What Attackers Hide in RAM Disk forensics misses the stuff that matters most. Fileless malware, running processes, C2 connections, encryption keys, hidden rootkits: these live in RAM and disappear the moment ...