Introduction to How to Blue Team: There’s a lot of documents on how to use pen testing tools, how to crack, hack and break into things. Not a lot is written on how to detect these things, especially at the “Enterprise” level where a lot of the blog posts seem to give use cases that do not scale well. So,
Introduction to How to Blue Team: There’s a lot of documents on how to use pen testing tools, how to crack, hack and break into things. Not a lot is written on how to detect these things, especially at the “Enterprise” level where a lot of the blog posts seem to give use cases that do not scale well. So,
The Truth About the Splunk versus ELK Arguments I feel the need to write this because of how many dishonest articles there are about the Splunk vs ELK debate. It seems like either the writers used both applications for a single day and knew the bare basics or that they have extraordinarily simplistic use cases to test. So, naturally, I
Over the years I have collected some basic (and advanced) tips and tricks for utilizing Splunk – both from an operational standpoint of server maintenance as well as from the standpoint of alert, report and dashboard creation. Below are some of the most basic search tips that I have, additional posts are to follow for more advanced tips and tricks.