Articles tagged with: #blue-team
Freelance Pentesting

cybersecurity www.reddit.com

Hi everyone, I'm a mid-level cybersecurity consultant. I've done red team as well as blue team and GRC projects. I'm looking to transition into freelance projects on the side and I don't know how to find clients. I prefer small-to-mid businesses and productized packages (not huge corporate/government RFPs). What's worked for you to find clients? I'm considering: 1. LinkedIn outreach to IT managers directly 2. Partnering with MSPs / MSSPs that I can act as a subcontractor for 3. Local networking...

Detecting Tampering of Windows Security Audit Policy

Detect FYI - Medium detect.fyi

Recently, I finished reading a book I strongly recommend to anyone working in Threat Hunting, BTFM (Blue Team Field Manual). Among the different topics mentioned in it, I want to talk about auditpol.exe, which is a built-in Windows command-line utility used to view and configure the Windows security auditing policy. It controls what types of security-relevant actions (logon events, privilege use, object access, policy changes, etc.) are recorded in the Windows Security event log. Why...

Aside from CompTIA Security+ what else is good for entry level certification?

cybersecurity www.reddit.com

I really need some opinion here since I don't know which one is better or which one I like better (Blue team or Red team). I'm more inclined to take the Blue team path since I'm hoping to go into Incident Response. Is there any good certification to build up a foundation for this path? Our company is giving us free certification, but since most of our members are taking Security+ and BTL1, I need to take another certification since they limited the number of people who can take those. By the way, I'm a SOC...

Do SOC teams want more hands-on training tools?

cybersecurity www.reddit.com

I work on the blue team for a Fortune 50 company and have noticed a gap in how most SOC training works. A lot of the current platforms we pay for feel static: they test knowledge but don't really mirror what real detection and investigations look like. I've been experimenting with a project that connects directly to SIEM data to simulate realistic incidents and let teams train in an environment that feels like production. Curious if there's real interest in more hands-on SOC training like this....

Thinking about an open source project

cybersecurity www.reddit.com

I'm thinking of a small open-source project to let SOC analysts and blue-team folks use or generate logs like DNS logs, SSH logs, Sysmon logs, Palo Alto Threat logs, etc. I have personally experienced a lot of challenges in testing my detections. I get enough time on the weekend and I seriously want to grow my GitHub followers too. Do you think it would be worth spending my time on building the database of logs and also a web app to generate a custom log? submitted by /u/Shinigamihax