Tristan’s Cybersecurity Substack
The Elasticsearch license saga
As you may know from my posts, I like Elasticsearch.
Nov 18 • Tristan Dostaler
CIS controls — where to start in securing a medium/big enterprise
Nov 15 • Tristan Dostaler
Your server is secure? Really?
What to do after you’ve secured your servers and computers
Nov 15 • Tristan Dostaler
SIEM 101 — Introduction
In the following days, I’ll write a few blog posts explaining how to easily learn to use a Security Information and Event Management, or SIEM.
Nov 15 • Tristan Dostaler
Never receive an alert from Windows Defender? You should!
A few years ago, I was on the defense team while a pentest was ongoing on one of our websites.
Nov 14 • Tristan Dostaler
SIEM 101 — Initial setup
In this post, I’ll explain how to initially set up a SIEM so you can receive your first logs.
Nov 14 • Tristan Dostaler
SIEM 202 — Detecting remote PsExec
In this post I’ll explain how to detect an attacker that uses PsExec to connect to your computer when you don’t have visibility over the attacker’s…
Nov 14 • Tristan Dostaler
SIEM 102 — Detect Windows bruteforce
In this post I’ll explain how to detect a bruteforce on Windows.
Nov 13 • Tristan Dostaler
SIEM 201 — What is Sysmon
In this post I’ll explain what Sysmon is, how to install it, and how to use it to detect important patterns.
Nov 13 • Tristan Dostaler
SIEM Solutions 101 — Basic usage
In this post I’ll explain the basics of using a SIEM: how to search logs and how to send alerts.
Nov 13 • Tristan Dostaler
Information Security synonyms
Information Security, Cybersecurity, IT security, and other synonyms
Nov 13 • Tristan Dostaler
Why the SolarWinds hack matters
Maybe you saw the news on the SolarWinds hack.
Nov 12 • Tristan Dostaler