One of the main things you can do with Splunk Enterprise Security is work with the Incident Review dashboard. You can customize it to be as helpful as possible when threat hunting. One way is to automate your searches so that they create notable events automatically and you don't have to continually look for them.
Sunday, August 21, 2016
Sunday, April 3, 2016
Saturday, March 12, 2016
It's been a while since I have written about how to protect yourself from the prying eyes of government. So if you're trying to protect yourself against the NSA, GCHQ, or whoever, here are some things that you can do to help protect yourself.
Saturday, October 17, 2015
Wednesday, October 14, 2015
Using PowerShell to create a script to check if the client's password is going to expire in the next 5 days.
Thursday, September 17, 2015
Security training and resources. I am creating this post mostly to help myself keep track of all the different infosec resources, applications, and study material for exams like CompTIA Security+, CEH, CISSP, OSCP, and others. This is a resource for offensive security practices and tools. This list will be updated as time goes on.
Tuesday, September 15, 2015
After taking many classes on advanced penetration testing, I find that many of these classes are very basic when it comes to their subjects. So here are some resources to round out your penetration testing in more depth than just the basics that most of these "Advanced" classes go through.