SIEM 103 — Detect Windows bruteforce part 2

by Tristan Dostaler | Jun 3, 2022 | DFIR, Information Technology, InfoSec, Private Posts, SIEM, SIEM 100 series

This post is a follow-up to the post “SIEM 102 — Detect Windows bruteforce”, where I explained how to create a detection Use Case to detect a Windows bruteforce.
In this post I will explain how we can enhance the original detection logic to get a lower False Positive rate.

SIEM 102 — Detect WordPress bruteforce

by Tristan Dostaler | Jan 19, 2021 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series

WordPress is one of the most popular CMSs and website servers in the world. It handles “more than 30%” of the websites on the internet. Because of this, bad actors are really interested in finding ways to get control of them. In this post I explain how to detect a WordPress bruteforce.

SIEM Solutions 101 — Basic usage

by Tristan Dostaler | Nov 26, 2020 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series

In this post I’ll explain the basics of using a SIEM: how to search logs and how to send alerts.

SIEM 102 — Detect Windows bruteforce

by Tristan Dostaler | Nov 25, 2020 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series

When we have a lot of Windows machines in our environment, it can be useful to be able to detect a bruteforce on a machine.

SIEM 101 — Initial setup

by Tristan Dostaler | Nov 24, 2020 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series, TL;DR;

In this post, I’ll explain how to initially set up a SIEM so you can receive your first logs.

SIEM 101 — Introduction

by Tristan Dostaler | Nov 23, 2020 | Cybersecurity, Information Technology, InfoSec, SIEM, SIEM 100 series

In the following days, I’ll write a few blog posts explaining how to easily learn to use a SIEM.
