Source of Logs in Azure(P2 :- Tenant/Subscription Logs) : A Comprehensive Guide for Incident Response
While the Log Analytics Workspace is an excellent tool for monitoring and analyzing logs in Azure, storing logs in a Storage Account...
top of page
-
20 hours ago2 min read
A New Era of Global Stability
As someone living outside the United States, I often hear people say that U.S. elections don’t impact us directly. But I see things...
35 views0 comments
-
2 days ago7 min read
Source of Logs in Azure(P1 :-Tenant Logs) : A Comprehensive Guide for Incident Response
In cloud-based environments like Azure, maintaining comprehensive visibility over all activities is essential for securing your...
23 views0 comments
-
3 days ago5 min read
Azure Compute: Understanding VM Types and Azure Network Security for Incident Response
Microsoft Azure provides a wide range of compute services, organized based on workload types and categorized as Infrastructure as a...
19 views0 comments
-
4 days ago10 min read
"Azure Resource Groups and Role-Based Access Control: A Comprehensive Guide for Incident Response and Forensics in the Cloud"
Microsoft Azure is a vast ecosystem of cloud-based services and tools, offering almost limitless possibilities for building, managing,...
21 views0 comments
-
6 days ago7 min read
"Step-by-Step Guide to Uncovering Threats with Volatility: A Beginner’s Memory Forensics Walkthrough"
Alright, let’s dive into a straightforward guide to memory analysis using Volatility. Memory forensics is a vast field, but I’ll take you...
39 views0 comments
-
7 days ago5 min read
MemProcFS/MemProcFS Analyzer: Comprehensive Analysis Guide
MemProcFS is a powerful memory forensics tool that allows forensic investigators to mount raw memory images as a virtual file system ....
52 views0 comments
-
Oct 304 min read
Memory Forensics Using Strings and Bstrings: A Comprehensive Guide
Memory forensics involves extracting and analyzing data from a computer's volatile memory (RAM) to identify potential Indicators of...
40 views0 comments
-
Oct 288 min read
Fileless Malware || LOLBAS || LOLBAS Hunting Using Prefetch, Event Logs, and Sysmon
Fileless malware refers to malicious software that does not rely on traditional executable files on the filesystem , but it is important...
106 views0 comments
-
Oct 265 min read
Leveraging Automation in AWS for Digital Forensics and Incident Response
For those of us working in digital forensics and incident response (DFIR) , keeping up with the cloud revolution can feel overwhelming...
20 views0 comments
-
Oct 257 min read
Optimizing AWS Cloud Incident Response with Flow Logs, Traffic Mirroring, and Automated Forensics
When it comes to managing networks—whether on-premise or in the cloud—one of the biggest challenges is understanding what’s happening...
16 views0 comments
-
Oct 246 min read
AWS Security Incident Response Guide: A Dive into CloudWatch, GuardDuty, and Amazon Detective
AWS’s very own Security Incident Response Guide . While I’ll cover some of the main highlights here, it’s worth taking a full look...
30 views0 comments
-
Oct 235 min read
Power of AWS: EC2, AMIs, and Secure Cloud Storage Solutions
AWS Regions and API Endpoints Amazon Web Services (AWS) is a cloud platform offering a vast array of services that can be accessed and...
22 views0 comments
-
Oct 228 min read
AWS: Understanding Accounts, Roles,Secure Access and AWS Instance Metadata Service (IMDS) and the Capital One Breach
Amazon Web Services (AWS) has grown into a powerful platform used by businesses around the world to manage their data, infrastructure,...
28 views0 comments
-
Oct 215 min read
Cloud Services: Understanding Data Exfiltration and Investigation Techniques
In today’s cybercrime landscape, attackers are increasingly turning to cloud services for data exfiltration. While this presents...
29 views0 comments
-
Oct 195 min read
Microsoft 365 Security: Understanding Built-in Detection Mechanisms and Investigating Log Events
As the landscape of cybersecurity threats evolves, protecting sensitive information stored within enterprise platforms like Microsoft 365...
21 views0 comments
-
Oct 185 min read
Streamlining Cloud Log Analysis with Free Tools: Microsoft-Extractor-Suite and Microsoft-Analyzer-Suite
When it comes to investigating cloud environments, having the right tools can save a lot of time and effort. Today, I’ll introduce two...
59 views0 comments
-
Oct 174 min read
Streamlining Office/Microsoft 365 Log Acquisition: Tools, Scripts, and Best Practices
When conducting investigations, having access to Unified Audit Logs (UALs) from Microsoft 365 (M365) environments is crucial. These logs...
37 views0 comments
-
Oct 163 min read
M365 Logging: A Guide for Incident Responders
When it comes to Software as a Service (SaaS), defenders heavily rely on the logs and information provided by the vendor . For Microsoft...
32 views0 comments
-
Oct 154 min read
Microsoft Cloud Services: Focus on Microsoft 365 and Azure
Cloud Providers in Focus: Microsoft and Amazon In today’s cloud market, Microsoft and Amazon are the two biggest players, with each...
32 views0 comments
bottom of page