Securehat
@FranticTyping

Scaling Detection and Response Operations

A couple of blog posts that I wrote in my day job:

Last updated 1 year ago

  • Scaling Detection and Response Operations at Coinbase
  • Scaling Detection and Response Operations at Coinbase Pt2
  • Scaling Detection and Response Operations at Coinbase pt3