Tag feed

#soc

157 posts34 followers

Trending tags this week

MMuzasiomuzasio.hashnode.dev

I Built a Local AI SOC Server on an Old Laptop as a Student — Here's What Actually Broke

7h ago · 5 min read · I'm a cybersecurity student. No budget, no enterprise hardware, no client environments. I set it up as a local AI server for SOC automation — log triage, CVE analysis, security bots. The internet made

Join discussion

WWhatDoesKmean?loggar.hashnode.dev

0

How a single OOTB macro can cause massive Alert Fatigue

1d ago · 3 min read · If you use CrowdStrike Falcon, you're probably familiar with the built-in macros designed to save us time. But lately, our team was chasing down a string of persistent false positives from the default

Join discussion

SSSakshi Singhthinksecure.hashnode.dev

0

What Are Security Alerts and False Positives?

1d ago · 9 min read · In Part 7, I finally understood how SIEM works. It collects logs. Normalizes them. Runs rules. And when something matches, it creates an alert. That alert lands in the analyst's queue. And I thought .

Join discussion

JJJaewook Jungwoogi.me

0

Threat Hunting Methodology

3d ago · 8 min read · Most security tools are reactive. Alerts fire after a rule matches, and analysts triage. Threat hunting flips that: you assume something has already evaded the tools, and you go look for it. This post

Join discussion

AVAnvesh Vishwarajuanveshtheaisocanalyst.hashnode.dev

1

Why Single-Layer LLM Triage Is Dangerous in a SOC — And the Architecture I'm Building to Prevent It

6d ago · 10 min read · Published on Hashnode | Anvesh Raju Vishwaraju | June 2026 I came across an article recently that genuinely surprised me. Not because the topic was new to me — but because someone at the same educatio

AAbhijeet commented

TLTirthak Likhartirthaklikhar.hashnode.dev

0

SOC Team Internals: How an L1 Analyst Thinks, Triages and Reports

May 31 · 12 min read · I spent the last few weeks going through the TryHackMe SOC Team Internals module. Four rooms. Around four hours of actual learning. And a lot of things clicked that I had been reading about in theory

Join discussion

MSMephisto spirit of the Devilm3ph15t0o-blog.hashnode.dev

0

What a SOC Analyst Actually Sees During a Failed Login Attack

May 27 · 2 min read · When people imagine cyberattacks, they often picture dramatic hacking scenes with fast typing and flashing screens. But inside a Security Operations Center (SOC), attacks usually begin much more quiet

Join discussion

AVAnvesh Vishwarajuanveshtheaisocanalyst.hashnode.dev

0

Bridging the Detection-Exploitation Gap with AI: Building PentestX

May 22 · 4 min read · Background In most security operations centres, offensive and defensive knowledge exist in separate silos. Penetration testers understand exploitation chains intimately. SOC analysts understand alert

Join discussion

JJJaewook Jungwoogi.me

0

From FIX Sessions to SIEM Alerts: A Pre-SOC Career on the Trading Desk

May 16 · 9 min read · I'm not a SOC analyst yet. I'm a Master of Cybersecurity student at RMIT, transitioning from a four-year career on a Korean securities trading desk where I owned the FIX-protocol connections to overse

Join discussion

SMSubhanshu Mohan Guptablogs.subhanshumg.com

0

The agentic SOC is here

May 11 · 11 min read · Three vendor agentic-SOC platforms in Q1 2026. One platform-engineering charter that decides whether they work. Microsoft Sentinel AI shipped. Splunk Agentic SOC launched at RSAC. Google SecOps and T

Join discussion

#soc

Search Hashnode

#soc

Trending tags this week

I Built a Local AI SOC Server on an Old Laptop as a Student — Here's What Actually Broke

How a single OOTB macro can cause massive Alert Fatigue

What Are Security Alerts and False Positives?

Threat Hunting Methodology

Why Single-Layer LLM Triage Is Dangerous in a SOC — And the Architecture I'm Building to Prevent It

SOC Team Internals: How an L1 Analyst Thinks, Triages and Reports

What a SOC Analyst Actually Sees During a Failed Login Attack

Bridging the Detection-Exploitation Gap with AI: Building PentestX

From FIX Sessions to SIEM Alerts: A Pre-SOC Career on the Trading Desk

The agentic SOC is here