Recent Posts

A tour inside a SOC analyst mind

6 minute read

As a mentor in a SOC, I often receive questions from junior analysts about the best way to approach analysis. To help them develop their skills, I sometimes ...

Analyzing SOC Data Using Jupyter Notebook

5 minute read

Detection controls usually focus on telemetry collection and in most cases lack data analytic capabilities. Hence, it would be necessary to export the data ...

Remote Full Packet Capture

8 minute read

Tools such as TCPDump capture full packet data and store it to disk; they don't provide a way to capture and stream the packets to a remote destination. I have ...