Hello and welcome to my blog, where I talk about my interests and try to provide useful information on multiple subjects in Information Technology, mainly coding and InfoSec. To learn more about me, head over to my post whoami.
This post is a follow-up to the post “SIEM 102 — Detect Windows bruteforce”, where I explained how to create a detection Use Case to detect a Windows brute-force attack.
In this post I will explain how we can enhance the original detection logic to lower its False Positive rate.
I have been asked for a reading list of cybersecurity books. I decided to document this list here so it can be used by a broader public.