Apr 23 · 14 min read · QIS for Cyber Threat Intelligence: How 500 Isolated SOC Models Can Become One Global Threat Detection Network QIS Protocol — Domain Tutorial #13 | Series: Art086–Art108 In March 2023, three major US financial institutions were hit by the same ransom...
Feb 19 · 2 min read · Introduction In today’s hyper-connected digital world, cyberattacks have evolved from simple malware infections to complex, multi-stage campaigns involving reconnaissance, credential abuse, lateral mo
Jan 26 · 10 min read · In modern cyberattacks, especially lateral movement and post-exploitation campaigns in Active Directory environments, attackers rarely "reinvent the wheel". Instead, they leverage open-source toolkits that have already been...
Jan 22 · 3 min read · What Is Detection Engineering? In today’s banking and fintech landscape, cyber threats are no longer a distant concern; they are constant, sophisticated, and financially motivated. From credential theft to insider fraud and complex money-laundering s...
Jan 7 · 7 min read · Introduction In support of my recent research into ICS/OT Security Operations, I wanted to set up a small, controlled environment where I could: observe normal industrial network behavior, identify meaningful deviations, reason about that activity us...