ItsyBitsy | Incident investigating using Elastic
Scenario
During normal SOC monitoring, Analyst John observed an alert on an IDS solution indicating a potential C2 communication from a user Browne from the HR department. A suspicious file w
soc-analyst101.hashnode.dev