SOC

Everything related to SOC

SNORT Lab: Building a Rule-Based IDS Lab for Attack Detection

Snort has been around for a while, and for good reason. It’s one of the most widely used open-source intrusion detection systems (IDS) out there. Built by Martin Roesch in 1998, it can sniff packets, detect anomalies, and trigger alerts based on predefined or custom rules. Think of it like a digital watchdog for your […]


Investigating an APT with Splunk – Part 2

Hey folks, we’re back with the next chapter of our APT investigation journey. If you’ve been following along, you know we’ve been knee-deep in this cyber-security challenge. In Part-1, we scratched the surface and uncovered some interesting details about an APT incident at Wayne Enterprises, using Splunk to guide us. If you haven’t already then

