[Walkthroughs] TryHackMe room "Tactical Detection" Writeup скачать в хорошем качестве

[Walkthroughs] TryHackMe room "Tactical Detection" Writeup

[Walkthroughs] TryHackMe room "Tactical Detection" Writeup Establish a baseline knowledge of tactical detection, leveraging efficient techniques to bolster your security posture. You’re hired as a security engineer, and you want to make a good impression. You noticed that there’s a default ruleset available, and it has already been enabled. The SOC team seems to function, albeit not as efficiently as you might expect - then it dawns on you; the default rules just won’t cut it. This scenario is not uncommon - in fact, a common pitfall of modern SOCs today is leaning too much on default rules and settings of the products they deploy, leaving them with security alerts that don't really add value to their security posture. Learning Objectives: In this room, we will strive to understand the mindset behind choosing a tactical approach in alerting and detecting threats, IOAs, IOCs, etc. In the process, we will gain practical experience in setting up a basic tactical detection capability leveraging techniques used in real-life environments. Room Prerequisites and Expectation Setting: There are no hard prerequisites in order to gain value from this room; however, it would be very helpful to have a basic understanding of navigating cmd and executing basic commands, as well as navigating FullEventLogView as it would be our main tool in reviewing Event Logs. This room will touch upon some of the most efficient ways to bolster an organization's security posture by leveraging detection mechanisms and walking the user through setting them up tactically. This should serve as a baseline where the user will be able to learn the basics, implement them in their functions, and make them truly their own. Room URL: https://tryhackme.com/room/tacticalde... My Contact Details Blog: https://cyberwar.ro/ Twitter:   / victorpetrescu