May 31 · 10 min read · Your SOC ingests 10,000 alerts daily. Analysts triage, correlate, escalate. They close tickets. They maintain playbooks that decay the moment a new TTP surfaces. Mean time to detect (MTTD) stretches i
Join discussion
Aug 3, 2025 · 7 min read · Prologue I had an interesting 45 minute conversation with a security engineer from a mostly-cloud company. We talked about how would one start a detection assessment program, mainly brainstorming ideas on what to test. It was an impromptu chat (kind ...
Join discussion
Aug 2, 2025 · 4 min read · A few weeks ago, I saw a LinkedIn post that stopped me in my tracks. It asked, "Where did all the cyber analyst jobs go?" and talked about how automation, SOAR, and LLMs are fundamentally changing the landscape. It argued that the work isn't disappea...
Join discussionMay 15, 2025 · 3 min read · In my role as a Security Operations Center (SOC) analyst, I recently encountered a high-severity alert involving "unfamiliar sign-in properties" for a user account. What initially appeared to be a potential threat turned out to be a false positive, c...
Join discussion
May 15, 2025 · 2 min read · Working as a Student SOC Analyst at LSU Shreveport has given me the chance to experience firsthand how real-world threat detection works — and recently, I encountered my first true positive security incident that tested my analytical and investigativ...
Join discussion
Feb 23, 2025 · 5 min read · Introduction Modern security operations rely on automated alerting to detect reconnaissance activities within enterprise networks. However, when certain alerts trigger frequently, distinguishing between benign system behavior and true security threat...
Join discussion
Sep 3, 2024 · 1 min read · SOAR stands for Security orchestration automation and response Below is breakup of terms :- Security Orchestration: - Process of integrating various security tools to automate workflows.This enables security team to manage alerts and response from a ...
Join discussionAug 28, 2024 · 4 min read · Shuffle is a highly regarded open source Security Orchestration, Automation, and Response (SOAR) tool known for its ease of deployment, robust features, and strong community support. This article will delve into the working of Shuffle, provide a step...
Join discussion
Aug 24, 2024 · 4 min read · Objective: Utilizing SOAR automation for Endpoint Detection & Response (EDR) to enhance workflow efficiency and automate the isolation of a device across multiple communication channels. Tools Used: In this project, I employed a range of sophisticate...
Join discussion
Aug 21, 2024 · 14 min read · Here in this project the enhancement of cybersecurity with a SOAR-EDR project using LimaCharlie, Slack, and Tines will be demonstrated. Introduction to SOAR-EDR Integration Overview of SOAR-EDR and Its Importance Definition of SOAR and EDR: Security...
Join discussion
