
Cyber Security Architect

How to detect a cyber attack or a threat

Hi Medium! Here we are again with a new article. Today we will talk about advanced threat detection and the methods used in defense, as follows:

  1. Threat Detection Concept
  2. How We Can Detect Threats

1. Threat Detection Team

Facing different attacks is not an easy job; the threat detection team needs to act…



Hi Medium! Here we are again with a new article. A friend who read my last article, about Enumeration, asked me to provide a breakdown of the SMTP technique.

In this article, we will go through the different tools and techniques that should be known to retrieve information about your…



Proxy types and how they work

Hello Medium! I always struggled to understand the way proxies are used; the definition is so simple, but people still misunderstand how they are used, and each time they made me unsure of the knowledge I have. So, once and for all, we will go together through all the…



Hi Medium! Here we are again with a new article. Today we will share a small tutorial in which we implement the OSSIM solution, so we will talk about:

Introduction
2.1 Work environment
2.1.1 Hardware environment
2.1.2 Software environment
2.2 Implementation and test
Conclusion

Introduction

In this chapter, we…



SOC technology and best practices

Hi Medium! Here we are again with a new article. Today we will talk about SOC technology and best practices. We are going to discover:

+ What is SOC?
+ Why is SOC Important?
+ SOC Management
+ Best Practice
+ Conclusion

1- What is SOC?

A SOC (Security Operations Center) is a division…



TLS Overview

Hi Medium! Here we are again with a new article. Today we will give an overview of TLS, as follows:

1. Confidentiality
2. Integrity
3. Availability
4. Defence in Depth
5. Symmetric encryption
6. Asymmetric encryption
7. Cryptographic Hash function
8. Man In The Middle (MITM)
9. Transport Layer Security
10. Banking Malware That Uses TLS…


Enumeration

Hi Medium! This is the Enumeration part.
In this chapter we are going to discover the following topics:

  • Introduction
  • Why Enumeration?
  • Enumeration techniques
  • Enumeration Tools on Linux and Windows
  • Summary

Introduction

The most important phase before attacking a target is “Reconnaissance”. The more effort the attacker puts in during this phase, the…



Configuring Rsyslog with TLS (sending log files)

Hi Medium! Here we are again with a new article. Today we will share a small tutorial covering all the steps needed to configure Rsyslog and to create the certificates:

1. Rsyslog
2. TLS
3. Software needed
4. Configuration
Summary

1. Rsyslog

Rsyslog is an…



Use Threat Intelligence and Python Scripts in Malware Detection

[4 min read]

Hi Medium! Here we are again with a new article. Today we will talk about advanced threat detection using threat intelligence and dedicated Python scripts, as follows:

  1. Threat Intelligence definition
  2. Blacklisted IP
  3. Blacklisted Domain
  4. Blacklisted Certificate

1. Threat Intelligence definition

Intelligence, as defined by Edward Waltz, is “the information and knowledge…
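The three matching steps this article lists (blacklisted IP, blacklisted domain, blacklisted certificate) can be demonstrated in one small scanner. The block below is an added example and is not the author's script: the blocklist entries, the key=value log format and the log lines are all constructed for illustration, and a real feed would be loaded from a file or an API instead of being hard-coded.

```python
"""Match log events against threat-intelligence blocklists (IP, domain, cert).

Added example, not code from the original article. Blocklist values, the
key=value log format and the sample log lines are constructed for illustration.
"""
import ipaddress
import re

# Constructed blocklists (illustrative values only).
BLACKLISTED_NETWORKS = [
    ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.7/32")
]
BLACKLISTED_DOMAINS = {"evil.example", "c2.bad.test"}
BLACKLISTED_CERT_FP = "ab12cd34" + "ef" * 28            # 64 hex chars, constructed
BLACKLISTED_CERT_SHA256 = {BLACKLISTED_CERT_FP}

# Constructed log lines in an assumed key=value format (not a real product format).
_FP_COLON_UPPER = ":".join(BLACKLISTED_CERT_FP[i:i + 2] for i in range(0, 64, 2)).upper()
SAMPLE_LOGS = [
    "ts=2024-01-01T10:00:00Z src=10.0.0.5 dst=198.51.100.23 host=update.evil.example",
    "ts=2024-01-01T10:00:01Z src=10.0.0.6 dst=192.0.2.10 host=www.example.org",
    "ts=2024-01-01T10:00:02Z src=10.0.0.7 dst=192.0.2.11 host=notevil.example",
    f"ts=2024-01-01T10:00:03Z src=10.0.0.8 dst=203.0.113.7 cert_sha256={_FP_COLON_UPPER}",
]

KV_RE = re.compile(r"(\w+)=(\S+)")


def parse_event(line):
    """Turn one key=value log line into a dict."""
    return dict(KV_RE.findall(line))


def normalize_fingerprint(fp):
    """Fingerprints appear as 'AB:12:...' or 'ab12...'; compare them in one form."""
    return fp.replace(":", "").lower()


def ip_is_blacklisted(ip):
    """CIDR-aware lookup; non-IP strings are simply not blacklisted."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in BLACKLISTED_NETWORKS)


def domain_is_blacklisted(host):
    """Match the host or any parent domain label by label, so that
    'update.evil.example' matches 'evil.example' but 'notevil.example' does not
    (a plain substring/suffix check would produce that false positive)."""
    labels = host.rstrip(".").lower().split(".")
    return any(".".join(labels[i:]) in BLACKLISTED_DOMAINS for i in range(len(labels)))


def cert_is_blacklisted(fp):
    return normalize_fingerprint(fp) in BLACKLISTED_CERT_SHA256


def scan_logs(lines):
    """Return (timestamp, [reasons]) for every event that hits a blocklist."""
    hits = []
    for line in lines:
        ev = parse_event(line)
        reasons = []
        for field in ("src", "dst"):
            if field in ev and ip_is_blacklisted(ev[field]):
                reasons.append(f"ip:{ev[field]}")
        if "host" in ev and domain_is_blacklisted(ev["host"]):
            reasons.append(f"domain:{ev['host']}")
        if "cert_sha256" in ev and cert_is_blacklisted(ev["cert_sha256"]):
            reasons.append("cert:" + normalize_fingerprint(ev["cert_sha256"]))
        if reasons:
            hits.append((ev.get("ts"), reasons))
    return hits


if __name__ == "__main__":
    for ts, reasons in scan_logs(SAMPLE_LOGS):
        print(ts, ", ".join(reasons))
```

On the constructed sample, the first and last lines are flagged (one for a blacklisted destination network plus a blacklisted domain, the other for a blacklisted host address plus a blacklisted certificate fingerprint), while `notevil.example` is correctly left alone because the domain check walks the labels instead of doing a substring match.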



SIEM Technology

Hi Medium, here we are again with a new article. Today we will talk about SIEM technology and its importance in any environment:

+ What is SIEM?
+ Why is SIEM Important?

M'hirsi Hamza
