Apr 22 · 18 min read · Let me be upfront about something before we get into this. I did not build this lab because someone told me to. I built it because I kept running into a wall. Every job description I read for SOC anal
Apr 15 · 3 min read · 1. Introduction: So You Need a SIEM. My Condolences. Let's get one thing straight. You're here because someone—a manager, an auditor, or that little voice of dread in your head—told you that you need a Security Information and Event Management (SIEM)...
Feb 6 · 2 min read · Today’s focus was expanding the home lab by deploying Wazuh SIEM on a second laptop. To keep things flexible, I opted for a Docker container deployment. Since this is a testing phase, I’m not overly concerned about potential issues; I plan to have a ...
Feb 1 · 4 min read · I recently uncovered a concerning security blind spot in an enterprise case study—a flaw that highlights the dangerous assumption many make when it comes to cybersecurity: that 'no alerts' equals 'no threats'. Security is inherently complex, but the ...
Feb 1 · 2 min read · Part I: For Docker Installations In Docker, you must change the persistent files on the host first, then apply them inside the container. 1. Generate the Password Hash Access the indexer container to use the hash tool: docker exec -it -u 0 single-no...
Jan 14 · 5 min read · Introduction: After studying and practising with system administration, infrastructure monitoring, IDS/IPS and firewall tools, I realised that learning each tool in isolation is not enough. What matters more is understanding how they are deployed and work together with...