Discussion

ridesh raju bijwe

Documenting my journey into Cybersecurity and SOC Analysis.

Feb 19

SOC163 – Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)

In this walkthrough, we investigate the SOC163 – Suspicious Certutil.exe Usage alert in the LetsDefend platform. 🔎 Alert Overview The monitoring dashboard shows an alert triggered for suspicious usage of certutil.exe. Certutil.exe is a legitimate ...

rideshcyber.hashnode.dev3 min read

#lolbin #blueteam #cybersecurity #cybersecurity-1 #infosec-cjbi6apo9015yaywu2micx2eo #monitoring #threat-hunting #threat-intelligence #letsdefend #learning-in-public #soc-analyst #soc

Responses

No responses yet.

Search Hashnode

SOC163 – Suspicious Certutil.exe Usage Walkthrough (Event ID: 113)

Responses

Recent in Forum