MITRE ATT&CK Matrix – C2 Connection Proxy

Identifying Long Connections with Bro/Zeek

MITRE ATT&CK HTTPS

Log Analysis Part 3 – Lateral Movement

Log Analysis Part 2 – Detecting Host Attacks: Or, How I Found and Fell in Love with DeepBlueCLI

Log Analysis Part 1 – Enterprise Logging Approaches