Threat Simulation – Client Signatures (TLS Signature)
Threat Simulation – Certificate Issues
Threat Simulation – Beacons
Threat Simulation – DNS
Threat Simulation – Client Signatures (User Agent)
Threat Simulation – Unexpected Protocol on Non-Standard Port
Threat Simulation Overview and Setup
Identifying Compromises Through Device Profiling
How to Use Zeek to Catch Data Exfiltration With a Single Command – Video Blog
Suspicious Traffic Found – What Are the Next Steps?
Finding the Cumulative Communication Time Between Systems Using Zeek – Video Blog
Finding Long Connections With Zeek – Video Blog