BTL1 Prep: Boss of the SOC v1 on Proxmox
In this post, I walk you through the steps of running on Proxmox the Boss of the SOC v1 challenge from CyberDefenders.
By
0xBEN
Threat Hunting
Threat Hunting
By
0xBEN
Proxmox: Running OpenCTI
In this post, I walk you through steps of running an OpenCTI server to aggregate threat intelligence into a single interface.
By
0xBEN
Threat Hunting with FleetDM and Osquery
Recently, the folks at Chainguard open-sourced some Osquery threat hunting queries, so I wrote a script to convert the queries to YAML docs for import into FleetDM.
By
0xBEN
Hunting with Wazuh: Adding Context
In this post, I elaborate on the Log All JSON option in the Wazuh Manager's configuration and how that can add more context beyond just alerts.
By
0xBEN