Scaling your threat hunting operations with CrowdStrike and PSFalcon | allinfosecnews.com

Dec. 13, 2023, 8 a.m. | Dimitris Binichakis

NVISO Labs blog.nviso.eu

Introduction Most modern day EDRs have some sort of feature which allows blue teamers to remotely connect to hosts with an EDR agent/sensor installed, to aid in their investigation of incidents. In CrowdStrike, this is called Real Time Response, and it provides a wide range of capabilities, from executing built-in commands like ipconfig and netstat … Continue reading →

agent aid automation blue blue team called capabilities connect crowdstrike edr edrs feature hunting incidents introduction investigation operations powershell real real time response scaling sensor sort threat threat hunting

More from blog.nviso.eu / NVISO Labs

Top things that you might not be doing (yet) in Entra Conditional Access – Advanced … 2 months ago | blog.nviso.eu

access advanced azure azure ad +16

Unpacking Flutter hives 2 months ago | blog.nviso.eu

access app applications application security +22

Become Big Brother with Microsoft Purview 2 months, 1 week ago | blog.nviso.eu

big big brother can companies +31

Covert TLS n-day backdoors: SparkCockpit & SparkTar 2 months, 2 weeks ago | blog.nviso.eu

amp applications backdoor backdoors +17

Top things that you might not be doing (yet) in Entra Conditional Access 2 months, 3 weeks ago | blog.nviso.eu

access azure azure ad b2b +20

Is the Google search bar enough to hack Belgian companies? 3 months, 3 weeks ago | blog.nviso.eu

applications application security awareness belgium +27

Deobfuscating Android ARM64 strings with Ghidra: Emulating, Patching, and Automating 4 months ago | blog.nviso.eu

android app application security arm64 +16

Scaling your threat hunting operations with CrowdStrike and PSFalcon 5 months ago | blog.nviso.eu

agent aid automation blue +22

RPC or Not, Here We Log: Preventing Exploitation and Abuse with RPC Firewall 5 months, 1 week ago | blog.nviso.eu

abuse blog blue team deploy +14

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France

View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com