WELCOME TO CRONINITY

Virtualization platforms have become standard in many organizations and have been more commonly been exploited by threat actors.

Linux Incident Response Approach Overview When conducting incident response on Linux systems, certain types of analysis can be performed quickly and effectively using built-in Linux tools. This initial analysis often provides insights into how the system was compromised and the actions taken during the breach. However, advanced threat actors may employ techniques that complicate the investigation, requiring more time-consuming and sophisticated analysis methods. This Linux an

If an elastic query in the dashboard does not return any records, the dashboard may not display zero values for the visualized data.

EDR/XDR platforms often lack transparency in their detection logic.

Three categories of Insider Threats: Malicious insiders Theft of IP Sabotage Espionage Negligent Insiders Ignoring policy and procedures...

A highly recommended book for navigating a new leadership role is The First 90 Days.

Parent Events versus Base Events Concept The diagram below highlights the SOC Triad, with core cybersecurity tools like Network Detection...

Three password cracking techniques that can be used with the password cracking tool hashcat. The three techniques are: Dictionary based...

Host based IR Approach The main categories of alerts come from the following sensor instrumentation: Network sensors Identity sensors...

SOC Analyst Screening Questions The questions below are some basic questions that most SOC analysts with some experience should be able...

Overview of major security tools related to web traffic protection Protection from Inside to Outside Traditional web protection largely...

Zeek, and Corelight sensors specifically, divide the process of handling and analyzing data into four distinct areas, as illustrated in...

HTTP is one of the most widely recognized protocols, essential for daily internet communication. Its ubiquity ensures it’s readily...

If you have the same dashboard content you want to display across multiple similar but different items, it can be extremely cumbersome to...

The externaldata KQL operator enables you to download data from the Internet and temporarily store it as a KQL table for querying. It...

Many people take Internet connectivity for granted, but it’s made possible by network operators. These service providers interconnect...