Boss Of The SOC v1 Lab | CyberDefenders

Posted Feb 14, 2025 By lr2t9iz

In this new challenge, we have two scenarios. As I always mention, before addressing the scenarios we need to identify the available security event sources. Then we should understand the scenarios: that is, know and comprehend the hypothesis, or at least recognize the alarm signal that triggers the start of our investigation. This can be done either by using an SPL query or through the Splunk interface, which is the tool we will be using.

https://medium.com/@mitzepx01/boss-of-the-soc-v1-lab-cyberdefenders-threat-hunting-6a20490a7c1a

Threat Hunting, Write-Ups difficulty:medium siem:splunk

This post is licensed under CC BY 4.0 by the author.
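
The event-source inventory mentioned in the post, as an added example that is not part of the original write-up: an SPL search listing each sourcetype with its event count, number of reporting hosts and time range. The index name `botsv1` is an assumption; substitute the index the lab data is loaded into.

```spl
| tstats count AS events dc(host) AS hosts min(_time) AS first_seen max(_time) AS last_seen
    WHERE index=botsv1 BY sourcetype
| eval first_seen=strftime(first_seen, "%Y-%m-%d %H:%M:%S"),
       last_seen=strftime(last_seen, "%Y-%m-%d %H:%M:%S")
| sort - events
| table sourcetype events hosts first_seen last_seen
```

The resulting table shows which telemetry (network, endpoint, web, and so on) is available for each scenario and the time window it covers, which bounds the searches that follow.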