Windows logs vs Linux logs & how they help with Vulnerability Scanning


The Windows Event Log is a detailed record of system, security, and application events stored on a Windows operating system. Event logs c...


What are packet sniffers & how to use Snort


Packet sniffers: how they work. A packet sniffer works by intercepting and logging network traffic via the wired or wireless network interface on its ho...
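The decoding half of a sniffer, as an added example that is not code from the original post: once a frame has been pulled off the interface (with libpcap or an AF_PACKET raw socket, which needs CAP_NET_RAW), the tool has to walk Ethernet, IPv4 and TCP headers and pull out the fields it logs. The frame here is constructed inline rather than captured, so the decoder runs offline without privileges; the addresses, ports and HTTP request in it are assumptions for the sample. It verifies the IPv4 header checksum before trusting the header's length fields, which a sniffer should do before using them to slice the packet.

```python
"""Decode a raw Ethernet/IPv4/TCP frame the way a packet sniffer does.

Added example (not the original post's code). Handles IPv4 over Ethernet
carrying TCP; anything else raises ValueError so the caller can skip it.
"""
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the bytes of an IPv4 header.

    Pass the header with its checksum field zeroed to compute a checksum;
    pass a complete header and the result is 0 when it is intact.
    """
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_str(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def decode_frame(frame: bytes) -> dict:
    """Parse Ethernet -> IPv4 -> TCP and return the fields a sniffer would log."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unsupported ethertype 0x{ethertype:04x}")

    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag, ttl, proto,
     hdr_csum, saddr, daddr) = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (ver_ihl & 0x0F) * 4                # header length in bytes, options included
    if ihl < 20 or len(ip) < ihl or total_len < ihl:
        raise ValueError("bad IPv4 header length")
    # Do not trust total_len/ihl from a corrupted header: check the checksum first.
    zeroed = ip[:10] + b"\x00\x00" + ip[12:ihl]
    if ipv4_checksum(zeroed) != hdr_csum:
        raise ValueError("IPv4 header checksum mismatch")
    if proto != PROTO_TCP:
        raise ValueError(f"unsupported IP protocol {proto}")

    tcp = ip[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    (sport, dport, seq, ack, offset_flags, window,
     _tcp_csum, _urg) = struct.unpack("!HHIIHHHH", tcp[:20])
    data_offset = (offset_flags >> 12) * 4    # TCP header length, options included
    if data_offset < 20 or data_offset > len(tcp):
        raise ValueError("bad TCP data offset")
    flags = offset_flags & 0x1FF              # NS CWR ECE URG ACK PSH RST SYN FIN
    # The TCP checksum is not verified here: it needs the IP pseudo-header.
    return {
        "src_mac": mac_str(src), "dst_mac": mac_str(dst),
        "src_ip": ".".join(map(str, saddr)), "dst_ip": ".".join(map(str, daddr)),
        "ttl": ttl, "src_port": sport, "dst_port": dport,
        "seq": seq, "ack": ack, "window": window, "flags": flags,
        "payload": tcp[data_offset:],
    }


def build_sample_frame() -> bytes:
    """Constructed sample (not captured traffic): 10.0.0.5:40000 -> 10.0.0.1:80, PSH|ACK, HTTP GET."""
    payload = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"
    # data offset 5 words (20 bytes), flags PSH|ACK = 0x018, TCP checksum left 0
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1000, 2000, (5 << 12) | 0x018, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    ip_no_csum = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000,
                             64, PROTO_TCP, 0, bytes([10, 0, 0, 5]), bytes([10, 0, 0, 1]))
    csum = ipv4_checksum(ip_no_csum)
    ip = ip_no_csum[:10] + struct.pack("!H", csum) + ip_no_csum[12:]
    eth = struct.pack("!6s6sH", bytes.fromhex("001122334455"),
                      bytes.fromhex("66778899aabb"), ETHERTYPE_IPV4)
    return eth + ip + tcp + payload


if __name__ == "__main__":
    d = decode_frame(build_sample_frame())
    print(f"{d['src_ip']}:{d['src_port']} -> {d['dst_ip']}:{d['dst_port']} "
          f"flags=0x{d['flags']:03x} ttl={d['ttl']} len={len(d['payload'])}")
    print(d["payload"].decode("ascii", "replace").splitlines()[0])
```

To feed real traffic in, replace `build_sample_frame()` with frames read from a capture library; the decoder is the same. Flipping any header byte in the sample makes `decode_frame` reject the frame on the checksum check rather than slicing the packet with bogus lengths.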


Slowloris DDoS & how to mitigate with NGINX


What is a distributed denial-of-service (DDoS) attack? Briefly, it is a malicious attempt to disrupt the normal traffic of a targeted server by ov...


What are SIEM and UEBA?


Let's dive into Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)...


Incident response — NIST vs SANS


Placed side by side in list form, the NIST and SANS incident response processes have the same components and the same flow. The biggest difference lies in Step 3, where NIST ...


Threat intelligence APT and MISP


An advanced persistent threat (APT) aims to infiltrate a company's computer systems and steal information or disrupt operations. An APT is persistent, meaning the...


Threat hunting vs Security analytics


In cybersecurity, threat hunting involves developing a specific hypothesis about a potential security threat, based on available data o...


CompTIA Roadmap


I attended the National Cyber Summit a few months ago and got this flyer. I think it might be helpful to share...


SOAR Playbooks


SOAR stands for Security Orchestration, Automation and Response. It is a category of technology that streamlines and automates security operati...
