Cyber Security Architect

Hi Medium! Here we are again with a new article about Sentinel.

In this article, we will give a simple introduction on how to create an alert in Sentinel.

Contents

Detect Brute Forcing Attack using KQL

Define brute force

Understanding

KQL code

Alert Brute Forcing Attack on RDP

Simulate the RDP attack

Resources

Detect Brute Forcing Attack using KQL

To create an alert, we need to first know what we want to detect and how to detect it so…


Hi Medium! Here we are again with a new article about Sentinel.

In this article, we will introduce how to link threat intelligence platform feeds to our Azure Sentinel.

Contents

Definition of TAXII and STIX

STIX

TAXII

How to add Anomali TI feeds to Sentinel

How to add IBM X-Force Feeds to Sentinel

Definition of TAXII and STIX

STIX

STIX, short for Structured Threat Information eXpression, is a standardized language developed by MITRE and the OASIS Cyber Threat Intelligence (CTI)…


How to detect a cyber attack or a threat

Hi Medium! Here we are again with a new article. Today we will talk about advanced threat detection and the several methods used in defense, as follows:

  1. Threat Detection Concept
  2. How We Can Detect Threats

1. Threat Detection Team

Facing different attacks is not an easy job; the threat detection team needs to act…


Hi Medium! Here we are again with a new article. In my last article about Enumeration, a friend asked me to provide a breakout of the SMTP technique.

In this article, we will go through different tools and techniques that should be known to retrieve information about your…


Hi Medium! Here we are again with a new article. Today we will share a small tutorial in which we implement the OSSIM solution, so we will talk about:

Introduction
2.1 Work environment
2.1.1 Hardware environment
2.1.2 Software environment
2.2 Implementation and test
Conclusion

Introduction

In this chapter, we…


TLS Overview

Hi Medium! Here we are again with a new article. Today we will give a TLS overview, as follows:

1. Confidentiality
2. Integrity
3. Availability
4. Defence in Depth
5. Symmetric encryption
6. Asymmetric encryption
7. Cryptographic Hash function
8. Man In The Middle (MITM)
9. Transport Layer Security
10. Banking Malware That Uses TLS…

Enumeration

Hi Medium! This is the Enumeration part.
In this chapter we are going to discover the following topics:

  • Introduction
  • Why Enumeration?
  • Enumeration techniques
  • Enumeration Tools on Linux and Windows
  • Summary

Introduction

The most important phase before attacking a target is “Reconnaissance”. The more effort the attacker puts in during this phase, the…

M'hirsi Hamza
