Purple Team Strategies by David Routin & Simon Thoores & Samuel Rossier
Author:David Routin & Simon Thoores & Samuel Rossier
Language: eng
Format: epub
Publisher: Packt
Published: 2022-03-15T00:00:00+00:00
As usual, the detection strategy could rely on Sigma and be completed with a frequency/aggregation approach to match the maximum number of potential threats.
You may also consider reading the content of detection rules from Splunk (https://bit.ly/3pi6mhq) and Elastic (https://bit.ly/3jiXLqZ).
Cloud-based logs
As the main component of today's environments, the cloud should be enabled in terms of logs collection; indeed, many companies rely on solutions such as Azure AD, Microsoft 365, AWS, and Google Cloud Platform (GCP). All these solutions offer advanced log collection through their Application Programming Interfaces (APIs). If we don't know where to start for detection, we should again have a look at Sigma, Splunk, or Elastic public rule repositories already integrating cloud events. Some cloud services offer specific threat detection solutions, such as Microsoft 365.
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Cryptography | Encryption |
Hacking | Network Security |
Privacy & Online Safety | Security Certifications |
Viruses |
Future Crimes by Marc Goodman(3009)
Mastering Python for Networking and Security by José Manuel Ortega(2964)
Blockchain Basics by Daniel Drescher(2896)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2518)
Practical Threat Detection Engineering by Megan Roddie & Jason Deyalsingh & Gary J. Katz(2509)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2487)
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(2354)
The Art Of Deception by Kevin Mitnick(2303)
The Code Book by Simon Singh(2218)
Machine Learning Security Principles by John Paul Mueller(2072)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(2058)
Hands-On AWS Penetration Testing with Kali Linux by Benjamin Caudill & Karl Gilbert(1868)
Solidity Programming Essentials by Ritesh Modi(1861)
Wireless Hacking 101 by Karina Astudillo(1852)
DarkMarket by Misha Glenny(1849)
Applied Network Security by Arthur Salmon & Michael McLafferty & Warun Levesque(1841)
Mobile Forensics Cookbook by Igor Mikhaylov(1815)
Serious Cryptography: A Practical Introduction to Modern Encryption by Aumasson Jean-Philippe(1810)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(1741)