Purple Team Strategies by David Routin & Simon Thoores & Samuel Rossier
Author:David Routin & Simon Thoores & Samuel Rossier
Language: eng
Format: epub
Publisher: Packt
Published: 2022-03-15T00:00:00+00:00
As usual, the detection strategy could rely on Sigma and be completed with a frequency/aggregation approach to match the maximum number of potential threats.
You may also consider reading the content of detection rules from Splunk (https://bit.ly/3pi6mhq) and Elastic (https://bit.ly/3jiXLqZ).
Cloud-based logs
As the main component of today's environments, the cloud should be enabled in terms of logs collection; indeed, many companies rely on solutions such as Azure AD, Microsoft 365, AWS, and Google Cloud Platform (GCP). All these solutions offer advanced log collection through their Application Programming Interfaces (APIs). If we don't know where to start for detection, we should again have a look at Sigma, Splunk, or Elastic public rule repositories already integrating cloud events. Some cloud services offer specific threat detection solutions, such as Microsoft 365.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Cryptography | Encryption |
Hacking | Network Security |
Privacy & Online Safety | Security Certifications |
Viruses |
Future Crimes by Marc Goodman(3025)
Mastering Python for Networking and Security by José Manuel Ortega(3003)
Blockchain Basics by Daniel Drescher(2928)
Practical Threat Detection Engineering by Megan Roddie & Jason Deyalsingh & Gary J. Katz(2849)
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(2681)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2539)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2510)
Machine Learning Security Principles by John Paul Mueller(2415)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(2404)
The Art Of Deception by Kevin Mitnick(2325)
The Code Book by Simon Singh(2250)
Attacking and Exploiting Modern Web Applications by Simone Onofri & Donato Onofri(2088)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(2078)
Solidity Programming Essentials by Ritesh Modi(2013)
Hands-On AWS Penetration Testing with Kali Linux by Benjamin Caudill & Karl Gilbert(1919)
Wireless Hacking 101 by Karina Astudillo(1873)
DarkMarket by Misha Glenny(1865)
Applied Network Security by Arthur Salmon & Michael McLafferty & Warun Levesque(1855)
Mobile Forensics Cookbook by Igor Mikhaylov(1828)