Tag feed

#siem

177 posts21 followers

Trending tags this week

Vvaishvikkansaraloghunter.hashnode.dev

73 Failed Logins, 1 SIEM Dashboard. My SOC Story

May 9 · 7 min read · The Alert That Changed Everything It was April 1, 2026. I was staring at my Kibana dashboard when something caught my eye. A massive spike. 73 failed login attempts in a single day, all targeting the

Join discussion

NDnickson diazpruba.hashnode.dev

0

Volt Typhoon | Tryhackme | CTF

May 5 · 8 min read · Scenario: The SOC has detected suspicious activity indicative of an advanced persistent threat (APT) group known as Volt Typhoon, notorious for targeting high-value organizations. Assume the role of a

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

How SIEM Works Step by Step

May 5 · 9 min read · Understanding Cybersecurity Step by Step - Part 7 In Part 6, I showed you something that changed how I think about security. Every move an attacker makes leaves a log entry somewhere. The firewall log

Join discussion

PHPrayush Hadaprayush.hashnode.dev

0

From Reading the Kernel to Breaking It — Dirty Cow (CVE-2016-5195) End to End

May 2 · 7 min read · I've been reading Robert Love's Linux Kernel Development. Chapter 15 covers the memory subsystem — virtual memory areas, page faults, Copy-on-Write. It's dense. I got through it, understood it concept

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

Understanding Logs : The Backbone of Detection

Apr 23 · 9 min read · Understanding Cybersecurity Step by Step - Part 6 In Part 5, we followed Arjun through his morning shift. He opened 52 alerts. He triaged them one by one. He asked the same questions every time -what

Join discussion

TLTirthak Likhartirthaklikhar.hashnode.dev

0

I Ran 9 MITRE ATT&CK Simulations Against My Own SIEM. Here Is What Actually Happened.

Apr 22 · 18 min read · Let me be upfront about something before we get into this. I did not build this lab because someone told me to. I built it because I kept running into a wall. Every job description I read for SOC anal

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

What Does a SOC Analyst Actually Do?

Apr 17 · 8 min read · Understanding Cybersecurity Step by Step - Part 5 In Part 4, we walked through what happens after a cyber attack. The attacker moves. The server records it. SIEM spots the pattern. An alert fires. Bu

Join discussion

HHugohugovalters.hashnode.dev

0

Wazuh SIEM: A Threat Hunting Toolkit for People Who Hate SIEMs

Apr 15 · 3 min read · 1. Introduction: So You Need a SIEM. My Condolences. Let's get one thing straight. You're here because someone—a manager, an auditor, or that little voice of dread in your head—told you that you need a Security Information and Event Management (SIEM)...

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

What Happens After a Cyber Attack?

Apr 10 · 5 min read · We've talked about how hackers find vulnerabilities. But here's the question nobody asks first -what happens on the other side? Imagine this. It's 2 AM. A hacker just broke into a company's database

Join discussion

PPromisepromise-security.hashnode.dev

0

Analysing a Simulated Web Breach with Splunk (Deloitte Forage Cyber Task)

Apr 5 · 2 min read · 1. Getting the logs into Splunk The task provided a web_activity.log file with HTTP requests grouped by internal IP addresses. My first step was to bring this data into Splunk so I could query and vis

Join discussion

#siem

Search Hashnode

#siem

Trending tags this week

73 Failed Logins, 1 SIEM Dashboard. My SOC Story

Volt Typhoon | Tryhackme | CTF

How SIEM Works Step by Step

From Reading the Kernel to Breaking It — Dirty Cow (CVE-2016-5195) End to End

Understanding Logs : The Backbone of Detection

I Ran 9 MITRE ATT&CK Simulations Against My Own SIEM. Here Is What Actually Happened.

What Does a SOC Analyst Actually Do?

Wazuh SIEM: A Threat Hunting Toolkit for People Who Hate SIEMs

What Happens After a Cyber Attack?

Analysing a Simulated Web Breach with Splunk (Deloitte Forage Cyber Task)