How to Send Windows Logs to IBM QRadar Using WinCollect
One of the most effective ways to forward Windows event logs to QRadar is by using WinCollect, a lightweight log collection agent developed…
7h ago

How to install and configure IBM QRadar
IBM QRadar is a powerful Security Information and Event Management (SIEM) solution designed to provide advanced threat detection, log…
5d ago

Different types of Proxy
Today, we’ll dive into the concept of proxies, exploring what they are, the different types available, and their respective benefits. Let’s…
Dec 12

SOC326 — Impersonating Domain MX Record Change Detected
In this writeup, I will investigate one of the alerts on LetsDefend, “SOC326 — Impersonating Domain MX Record Change Detected”.
Nov 21

A Step-by-Step Installation Guide for DVWA on Ubuntu server
The Damn Vulnerable Web Application (DVWA) is a software project that intentionally includes security vulnerabilities and is intended for…
Oct 25

SOC282 — Phishing Alert — Deceptive Mail Detected
In this writeup, I will investigate one of the alerts on LetsDefend, “SOC282 — Phishing Alert — Deceptive Mail Detected”.
Oct 8

Final Part: Automation with Shuffle SOAR
This is the final part, where we will implement the Shuffle SOAR configuration and finalize the overall project. Let’s get started!
Jun 12

Part 2: Configuring TheHive and Wazuh, Attack emulations with ART
In this part, I’ll demonstrate the configuration of TheHive and Wazuh, as well as creating a rule in Wazuh. Let’s do it.
Jun 1