SOC Operations
Section Contents
- LetsDefend: Event ID 88 - Phishing URL
  A full SOC investigation walkthrough. Correlating EDR alerts with browser history to detect a credential harvesting attack.
- LetsDefend: Investigate Web Attack
  Analyzing Apache Access logs to separate scanning noise from successful SQL injection.
- LetsDefend: Phishing Email Analysis
  Examining Email Headers (SPF, DKIM, DMARC) and attachment sandboxing.