Tag feed

#siem

182 posts21 followers

Trending tags this week

TSTech Skill Schooltechskillschool.hashnode.dev

What Are the Tools Used in a SOC Analyst Workflow?

4d ago · 5 min read · In the fast-paced world of cybersecurity, a SOC Analyst is often the first line of defense against cyber threats. They monitor systems 24/7, investigate alerts, and respond to incidents before they ca

Join discussion

JBJorge Belmarbelmar.in

0

Proactive Monitoring for Okta Workflows using Datadog

6d ago · 12 min read · Your Okta Workflows will fail. Maybe not today — but eventually, they will. The last thing you want during a long weekend is waking up at 3 AM to a flood of alerts from your ITSM tool, each one repres

Join discussion

TLTirthak Likhartirthaklikhar.hashnode.dev

0

SOC Team Internals: How an L1 Analyst Thinks, Triages and Reports

6d ago · 12 min read · I spent the last few weeks going through the TryHackMe SOC Team Internals module. Four rooms. Around four hours of actual learning. And a lot of things clicked that I had been reading about in theory

Join discussion

MSMephisto spirit of the Devilm3ph15t0o-blog.hashnode.dev

0

What a SOC Analyst Actually Sees During a Failed Login Attack

May 27 · 2 min read · When people imagine cyberattacks, they often picture dramatic hacking scenes with fast typing and flashing screens. But inside a Security Operations Center (SOC), attacks usually begin much more quiet

Join discussion

PHPablo Huertaspablohuertas.dev

0

Building a Home Lab for SIEM Practice with Wazuh/Elastic

May 25 · 17 min read · There is a gap between understanding security concepts and being able to actually work with them. You can read about SIEM, log correlation, and threat detection for months and still feel lost the firs

Join discussion

Vvaishvikkansaraloghunter.hashnode.dev

0

73 Failed Logins, 1 SIEM Dashboard. My SOC Story

May 9 · 7 min read · The Alert That Changed Everything It was April 1, 2026. I was staring at my Kibana dashboard when something caught my eye. A massive spike. 73 failed login attempts in a single day, all targeting the

Join discussion

NDnickson diazpruba.hashnode.dev

0

Volt Typhoon | Tryhackme | CTF

May 5 · 8 min read · Scenario: The SOC has detected suspicious activity indicative of an advanced persistent threat (APT) group known as Volt Typhoon, notorious for targeting high-value organizations. Assume the role of a

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

How SIEM Works Step by Step

May 5 · 9 min read · Understanding Cybersecurity Step by Step - Part 7 In Part 6, I showed you something that changed how I think about security. Every move an attacker makes leaves a log entry somewhere. The firewall log

Join discussion

PHPrayush Hadaprayush.hashnode.dev

0

From Reading the Kernel to Breaking It — Dirty Cow (CVE-2016-5195) End to End

May 2 · 7 min read · I've been reading Robert Love's Linux Kernel Development. Chapter 15 covers the memory subsystem — virtual memory areas, page faults, Copy-on-Write. It's dense. I got through it, understood it concept

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

Understanding Logs : The Backbone of Detection

Apr 23 · 9 min read · Understanding Cybersecurity Step by Step - Part 6 In Part 5, we followed Arjun through his morning shift. He opened 52 alerts. He triaged them one by one. He asked the same questions every time -what

Join discussion

#siem

Search Hashnode

#siem

Trending tags this week

What Are the Tools Used in a SOC Analyst Workflow?

Proactive Monitoring for Okta Workflows using Datadog

SOC Team Internals: How an L1 Analyst Thinks, Triages and Reports

What a SOC Analyst Actually Sees During a Failed Login Attack

Building a Home Lab for SIEM Practice with Wazuh/Elastic

73 Failed Logins, 1 SIEM Dashboard. My SOC Story

Volt Typhoon | Tryhackme | CTF

How SIEM Works Step by Step

From Reading the Kernel to Breaking It — Dirty Cow (CVE-2016-5195) End to End

Understanding Logs : The Backbone of Detection