SigmaHQ Essentials - Building Robust Detection Capabilities
Recon Main Blog
2024-09-10 01:17:08
Intro
We frequently advocate for and discuss the SigmaHQ repository of detections on Thursday Defensive, but we never go into too much detail. There are always lingering questions: What type of detections do we use? How do you tune those rules? What other tools use these rules? So, as one of the detection engineers at Recon, I figured I would share some of the knowledge I’ve obtained over the last 6 years of dealing with SigmaHQ detections in my day-to-day operations.