FalconEye: Splunk Threat Hunting
InfoSec Write-ups - Medium infosecwriteups.com
This article provides my approach to solving the FalconEye blue team CTF challenge on the CyberDefenders website. The challenge requires you to investigate a security breach in an Active Directory network using the Splunk SIEM (Security Information and Event Management) solution to uncover the attacker’s steps and techniques while creating a timeline of their activities.
Disclaimer
I like to add a brief disclaimer before a writeup to encourage people to attempt the room before reading this article, …