Threat Detection Engineering
How rare is a rare HTTP agent? Context-rich alerts because of math
Splunking BOTS V3: Q212, Q214, Q300
SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs
Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330
Splunking questions from BOTS v3 dataset – Q215
JIRA workflow for Detection Engineering teams
SPL Nuggets: Know your admins – from eventlogs!
SIEM use cases development workflow – Agile all the things!
It’s about time to change your correlation searches timing settings
Mapping SDLC to security use cases development process