MENASEC - Applied Security Research

Monday, 4 January 2021

How to Design Abnormal Child Processes Rules without Telemetry

In detection engineering we often encounter attack techniques that result in a system process spawning an unusual child process, which...
Friday, 27 November 2020

How to Design Detection Logic - Part 1

In this first part we are going to share with you some common logical and high-level steps we tend to follow to design detection logic fo...
1 comment:
Friday, 4 September 2020

Hunting Local Accounts and Groups Changes using Sysmon

Visibility into local account and group changes is as important as it is for domain ones, for both good system hygiene and security. Attackers...
11 comments: