In this post I’ll explain the basics of using a SIEM: how to search logs and how to send alerts.
In this post I’ll explain what Sysmon is, how to install it, and how to use it to detect important patterns.
When we have a lot of Windows machines in our environment, it can be useful to be able to detect a brute-force attack on a machine.
In this post I’ll explain how to detect an attacker who uses PsExec to connect to your computer when you don’t have visibility over the attacker’s computer.
In this post, I’ll explain how to initially set up a SIEM so you can receive your first logs.