Cybersecurity

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

26 sec read6 views0 listens

This guide provides a practical walkthrough of Splunk's Search Processing Language (SPL) from a Security Operations Center (SOC) analyst's perspective, covering searching, filtering, structuring, transforming, and anomaly detection. Developers and security professionals can learn how to efficiently query and analyze vast amounts of telemetry data for incident response and threat hunting. Understanding SPL is crucial for effective SIEM utilization.

Read the full article at InfoSec Write-ups - Medium

Want to create content about this topic? Use Nemati AI tools to generate articles, social posts, and more.

Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware

Based on the provided information, here's a summary of the malware analysis and attack lifecycle: Malware Analysis ms_upd.exe (Downloader) Functionality: Acts as a downloader to retrieve additional payloads from a C2 server. Behavior: Collects host ...

Ali Nemati

CybersecurityApr 2660 sec read

Malware Analysis: payloadfinal.bin (Agent Tesla)

The analysis of "payloadfinal.bin" reveals it is a variant of Agent Tesla, a well-known form of malware that primarily targets Windows systems. This particular sample exhibits several sophisticated techniques aimed at evading detection while stealing...

Ali Nemati

CybersecurityApr 928 sec read

Guiding Symbolic Execution with Static Analysis and LLMs for Vulnerability Discovery

Researchers have developed SAILOR, a tool that automates the detection of memory-safety vulnerabilities in large codebases by integrating static analysis with language model orchestration and symbolic execution. This innovation significantly enhances...

Ali Nemati

CybersecurityApr 81m read

Building Phishing Detection That Works: 3 Steps for CISOs

The article "Building Phishing Detection That Works: 3 Steps for CISOs" outlines a strategic approach to enhancing an organization's ability to detect and respond to phishing attacks effectively. Here are the key points from the article: Key Points ...

Ali Nemati

CybersecurityApr 51m & 2 s read

Image or Malware? Read until the end and answer in comments :)

The article you've shared provides a detailed analysis of a malware attack and its components. Here's a summary: Overview: The report describes the steps taken by an attacker to infect a system using a malicious .cmd file. It includes indicators of ...

Ali Nemati

Splunk Exploring SPL: A Practical SOC Analyst Walkthrough for Search, Detection, and Threat Hunting

Related Articles

Muddying the Tracks: The State-Sponsored Shadow Behind Chaos Ransomware

Malware Analysis: payloadfinal.bin (Agent Tesla)

Guiding Symbolic Execution with Static Analysis and LLMs for Vulnerability Discovery

Building Phishing Detection That Works: 3 Steps for CISOs

Image or Malware? Read until the end and answer in comments :)