Defensive Security Notes
My notes on cybersecurity topics.
Last updated: May 4th, 2023
Intelligence
- Threat Intel Overview
  An overview of resources commonly used in threat intelligence.
- Traffic Analysis
  Probing network traffic for anomalies.
- Endpoint Security
  Monitoring workstations to spot adversarial techniques.
- Logs
  Parsing and processing logs to detect threats and anomalies, and to identify system performance issues.
- Security Information and Event Management
  SIEM overview.
- Splunk
  Searching data for anomalies by building complex search queries, applying regex, and creating presentable reports and dashboards.
- Detection Engineering
  Threat detection methodologies, rule syntax and tools, and how to apply them in a SOC environment.
- Threat Hunting and Emulation
  An overview of hunting for attackers and of emulating them the way red teamers do.
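The Logs and Detection Engineering entries above are only summaries. As an added worked example (my own illustration, not code from any of the linked notes), here is the simplest useful form of "parse logs, then detect": a regex parser for sshd auth lines followed by a sliding-window rule that flags a source IP with five or more failed logins inside one minute, and reports whether a successful login followed from the same IP. The log lines are constructed for the example; the format, threshold and window are assumptions to tune for a real environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth log (syslog-style sshd lines); not real data.
SAMPLE_LOG = """\
Jan 10 10:00:01 bastion sshd[1001]: Failed password for invalid user admin from 203.0.113.7 port 50211 ssh2
Jan 10 10:00:03 bastion sshd[1002]: Failed password for root from 203.0.113.7 port 50212 ssh2
Jan 10 10:00:04 bastion sshd[1003]: Failed password for root from 203.0.113.7 port 50213 ssh2
Jan 10 10:00:06 bastion sshd[1004]: Failed password for invalid user oracle from 203.0.113.7 port 50214 ssh2
Jan 10 10:00:07 bastion sshd[1005]: Failed password for root from 203.0.113.7 port 50215 ssh2
Jan 10 10:00:09 bastion sshd[1006]: Accepted password for root from 203.0.113.7 port 50216 ssh2
Jan 10 10:05:00 bastion sshd[1010]: Failed password for alice from 198.51.100.4 port 40001 ssh2
Jan 10 10:20:00 bastion sshd[1011]: Accepted publickey for alice from 198.51.100.4 port 40002 ssh2
Jan 10 10:21:00 bastion cron[2001]: (root) CMD (run-parts /etc/cron.hourly)
"""

# Assumed sshd message shape; adjust if your distribution logs differently.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?P<method>\w+) for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_sshd(text, year=2023):
    """Turn raw syslog text into a list of auth events; non-sshd lines are skipped.

    Syslog timestamps carry no year, so one is supplied (assumption)."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        events.append({"ts": ts, "result": m["result"], "user": m["user"], "ip": m["ip"]})
    return events


def detect_bruteforce(events, threshold=5, window=timedelta(minutes=1)):
    """Flag each source IP with >= threshold failures inside `window`.

    Returns one alert per IP with the failure count, the usernames tried in the
    offending window, and the user of the first successful login after the
    last failure (None if no success followed)."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e)

    alerts = []
    for ip, evs in by_ip.items():
        evs.sort(key=lambda e: e["ts"])
        failures = [e for e in evs if e["result"] == "Failed"]
        start = 0
        for end in range(len(failures)):
            # Advance the window start until the span fits inside `window`.
            while failures[end]["ts"] - failures[start]["ts"] > window:
                start += 1
            count = end - start + 1
            if count >= threshold:
                last_fail = failures[end]["ts"]
                success = next(
                    (e for e in evs if e["result"] == "Accepted" and e["ts"] > last_fail),
                    None,
                )
                alerts.append({
                    "ip": ip,
                    "failures": count,
                    "users": sorted({e["user"] for e in failures[start:end + 1]}),
                    "success_after": success["user"] if success else None,
                })
                break  # one alert per IP is enough for triage
    return alerts


if __name__ == "__main__":
    for alert in detect_bruteforce(parse_sshd(SAMPLE_LOG)):
        print(alert)
```

On the sample above the rule fires once, for 203.0.113.7: five failures across the users admin, oracle and root in six seconds, followed by an accepted password for root, which is the "spray then success" pattern worth escalating. The single failure from 198.51.100.4 stays below the threshold. The same parse-then-window structure carries over to a SIEM rule or a Splunk search; the Python is just the version you can run offline against a pcap-derived or exported log file.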
Digital Forensics and Incident Response
- Digital Forensics Overview
  An overview of forensic artifacts and how to leverage them in investigations.
- Incident Response Overview
  How to respond effectively.
Malware Analysis