all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

FalconEye: Splunk Threat Hunting

Add to bookmarks
July 16, 2023, 6:28 p.m. | Hacktivities

InfoSec Write-ups - Medium infosecwriteups.com

Wallpaper

This article provides my approach for solving the FalconEye blue team ctf challenge on the CyberDefenders website, a blue team-focused challenge that requires you to investigate a security breach in an Active Directory network using Splunk SIEM (Security information and event management) solution to uncover the attacker’s steps and techniques while creating a timeline of their activities.

Disclaimer

I like to add a brief disclaimer before a writeup to encourage people to attempt the room before reading this article, …

active directory article blue blue team breach challenge ctf ctf challenge cybersecurity directory event event management hunting information management network security security breach siem solution splunk team techniques technology threat threat hunting timeline uncover website

Visit resource

More from infosecwriteups.com / InfoSec Write-ups - Medium

AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekers 1 week, 1 day ago | infosecwriteups.com
bug bounty cloud cybersecurity india +1
Honeypots 101: A Beginner’s Guide to Honeypots 1 week, 2 days ago | infosecwriteups.com
art attacker attackers attacks +19
No Dev Team? No Problem: Writing Malware and Anti-Malware With GenAI 1 week, 2 days ago | infosecwriteups.com
ai anti-malware can companies +29
The Diamond Model: Simple Intelligence-Driven Intrusion Analysis 1 week, 3 days ago | infosecwriteups.com
analysis continue cyber cybersecurity +18
Analysis of Competing Hypotheses: How to Find Plausible Answers 1 week, 3 days ago | infosecwriteups.com
analysis continue cybersecurity discover +10
Devvortex Hackthebox Walkthrough 1 week, 3 days ago | infosecwriteups.com
cybersecurity htb htb-walkthrough htb-writeup +1
Port Scanning for Bug Bounties 1 week, 3 days ago | infosecwriteups.com
bug bounty bug-bounty-tips cybersecurity infosec +1
How I Accidentally Discovered an Insecure Direct Object Reference (IDOR) Vulnerability on Coursera 1 week, 3 days ago | infosecwriteups.com
article certificate coursera cybersecurity +15
TryHackMe - Mr. Robot CTF 1 week, 3 days ago | infosecwriteups.com
ctf linux security tryhackme

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Engineer

@ SNC-Lavalin | GB.Bristol.The Hub
View on infosec-jobs.com

Application Security Engineer

@ Virtru | Remote
View on infosec-jobs.com

SC2024-003563 Firewall Coordinator (NS) - TUE 21 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com

Senior Application Security Engineer

@ Fortis Games | Remote - Canada
View on infosec-jobs.com

DevSecOps Manager

@ Philips | Bengaluru – Embassy Business Hub
View on infosec-jobs.com

Information System Security Manager (ISSM)

@ ARA | Raleigh, North Carolina, United States
View on infosec-jobs.com
View more jobs