5d ago · 13 min read · TL;DR Your security systems are designed for office networks. Remote workers operate on home WiFi, use personal devices, and access corporate networks through VPNs — a completely different threat surface. Traditional SIEMs (Security Information and E...
Join discussionFeb 18 · 4 min read · Alert of the lestdefend SIEM we need to resolve the cyberexercise. Press enter or click to view image in full size Tools: Virus total, AbuseIP and lestdefend tools for research. CVE Common Vulnerabilities and Exposures (CVE) is a standardized, indu...
Join discussionFeb 16 · 27 min read · A comprehensive blueprint for telemetry, correlation, control plane enforcement, and measurable validation Abstract Modern adversaries no longer rely on known exploits or signature based malware. Data exfiltration campaigns increasingly use zero day ...
Join discussionFeb 13 · 3 min read · In modern cybersecurity operations, log analysis is one of the most important defensive skills. Security Information and Event Management (SIEM) systems collect logs from multiple sources and detect suspicious patterns. To better understand how SIEM ...
Join discussionFeb 13 · 1 min read · Mid-market security teams face enterprise-level threats without matching resources. Modern SIEM tools have evolved to meet this challenge, adopting Open XDR architectures that unify AI-driven detection and automated response capabilities. This shift ...
Join discussionFeb 6 · 2 min read · Today’s focus was expanding the home lab by deploying Wazuh SIEM on a second laptop. To keep things flexible, I opted for a Docker container deployment. Since this is a testing phase, I’m not overly concerned about potential issues; I plan to have a ...
Join discussion
