The attacks on the Linux system are common since decades, but how common are Linux logs collected and processed for better detections? This blog highlights how open source platform can be leveraged in detecting simple to sophisticated attacks with bunch of rules and configurations on the endpoint. How interesting it…

Network traffic is always noisy. But sometimes it whispers too. So, why not pay a very close attention when it whispers “BRO” 🦊 This blog talks solely about well-known Network Security Monitoring (NSM) Tool — ZEEK (formerly known as BRO). Being an open-source platform, Zeek is the perfect choice as…

Dogs are playful so are the Kerberos. This attribution to 3 headed-dog is from Greek Mythology which was known for guarding the gates of Hades. Similarly, Kerberos protocol in other hand was built in 1980s keeping in mind to secure the resources in the networked environment. While Kerberos is considered…

With Sysmon configured on endpoints, ELK + Wazuh stack will facilitate greatly in performing Threat Hunting operations. We know that threat landscape is increasing exponentially day by day and perpetrators are employing sophisticated techniques to fly always under radar. …