Category: Security
Going through Splunk and learning how to make use of the multitude of features it offers can be daunting. Agents can use Splunk to aggregate data, search, and analyze logs. You can use Splunk Processing Language to run specialized queries in the system. It can also produce reports with varying…
I decided to dive into some LinkedIn Learning modules, focusing a bit on learning more about Splunk. Splunk is a tool often referenced when discussing SIEM systems, so it is excellent for log analysis and investigation.
I am going through some of the Help Desk courses on LinkedIn Learning. They also mention having a good grasp of Active Directory. Active Directory helps manage users and servers on a network. As a Help Desk person, you would use it frequently to add new users, remove users, reset…
As I have been looking for Cybersecurity positions, I have seen that many people get their start in IT Help Desk positions, then work into Network positions, and then into Network Security, Information Security, and Cybersecurity roles. It can be a good place to start, where you can learn more about assisting users…
After finishing up the SIEM section, I moved on to Digital Forensics and Incident Response. This section deals a lot with the forensic aspect of Cybersecurity. So you spend a lot of time using forensic tools and reviewing artifacts to find key details. Part of Incident Response is to investigate the…
Continuing with my modules on the TryHackMe site for the SOC Level 1, I am learning more about the Hive Project. It is an open-source, freely available Security Incident Response Platform that can be used on-prem or in the cloud. It is designed to allow teams to collaborate on investigations quickly and easily. This…
Malware Analysis is another significant part of Cybersecurity, as many parties work to prevent attacks. Attackers’ malware is constantly evolving. So you need a team that is good at analyzing what makes the malware tick, so to speak. Malware Analysis is the use of tools, systems, and threat intelligence to…
Started work on the Security Information and Event Management section of the SOC Level 1. SIEMs are systems that collect and process logs from various systems, sources, and endpoints. This data can then be processed and output in an easy-to-view format, depending on the SIEM product. These systems can also…
Learning about Endpoint Security Monitoring this time around. Endpoints are just about all of the machines and devices on your network. It is essential to understand how to monitor these items. If you need to go over a system that may have triggered an alert, it is good to know which…
Worked through a fascinating part of TryHackMe, which is related to Network Security and Traffic Analysis. A big part of doing SOC analyst work will be monitoring traffic-related events and understanding how these items are processed and how to analyze them. In this section, you learn about open source firewall…