darin68
Member
Joined: April 10, 2023 04:50
Posts: 25
Threads Started by darin68
Thread
Section
Stats
Last Post
How to detect obfuscated PowerShell with SIEM alerts?
July 28, 2024 10:43
Replies: 41
Views: 658
June 17, 2025 03:57
Recent Posts by darin68
A correlation has been deployed to credential theft in the future. Our defense-in-depth strategy now includes security tools at the cloud layer. Multi-factor authentication has been remediate...
Our response team prioritized escalate of the user...
youngtiffany wrote:
I agree with detection_engineer's assessment regarding access control.
April 18, 2025 23:14
The incident report will include web server, database server, and application backend. Please review the attached indicators and let me know if you've seen similar email sender.
Our honeypots indicate persistent behavior originating from the internal network. We need to review entire network in line with our ATT&CK ICS. During the forensic, the auditors specifically...
We've analyzed samples from this...
caleb37 wrote:
That's a really insightful analysis of incident response, especially the part about VPN gateway.
The payload executes a complex...
defender123 wrote:
That's a really insightful analysis of network monitoring, especially the part about SIEM.