Maybe you saw the news on the SolarWinds hack. If you didn’t, you should follow me on Twitter: https://twitter.com/TristanDostaler
In this post I want to explain, in a way understandable by everyone, why this hack matters.
SIEM 201 — What is Sysmon
In this post I’ll explain what is Sysmon, how to install it and how to use it to detect important pattern.
SIEM 101 — Initial setup
In this post, I’ll explain how to initially setup a SIEM so you can receive your first logs.