all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Monitoring for Suspicious GitHub Activity with Google Security Operations

Add to bookmarks
July 4, 2024, 5:16 p.m. | /u/jnazario

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

By David-French: "In this two-part blog series, I’m going to demonstrate how a security team can use the Google Security Operations platform to proactively monitor for and detect suspicious and notable behaviors in their GitHub Enterprise environment. Part one will walk through the process of ingesting GitHub audit logs in Google Security Operations. In part two, I’ll provide details on the 26 rules that we’ve shared to help security teams get started with monitoring their GitHub environment. I’ll …

audit audit logs behaviors blog blueteamsec can detect enterprise environment french github google google security google security operations logs monitor monitoring operations platform process security security operations security operations platform security team series team

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

When the hunter becomes the hunted: Using custom callbacks to disable EDRs 7 hours ago | www.reddit.com
blueteamsec custom edrs hunter +1
REvil case in Russia finally went to trial 1 day, 8 hours ago | www.reddit.com
blueteamsec case revil russia +1
TeamViewer IT security update - July 4th update - "Based on the results of our … 1 day, 17 hours ago | www.reddit.com
blueteamsec corporate cyber cyber security +16
Cloudflare 1.1.1.1 incident on June 27, 2024 1 day, 17 hours ago | www.reddit.com
1.1.1 1.1.1.1 blueteamsec cloudflare +2
GitHub - efeali/fragtunnel: Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use … 1 day, 19 hours ago | www.reddit.com
application blueteamsec bypass can +13
DonPAPI automates secrets dump remotely on multiple Windows computers, with defense evasion in mind. 2 days, 9 hours ago | www.reddit.com
blueteamsec computers defense defense evasion +4
Unfurling Hemlock: New threat group uses cluster bomb campaign to distribute malware 2 days, 11 hours ago | www.reddit.com
blueteamsec bomb campaign cluster +3
Suspicious Url Analysis 2 days, 16 hours ago | www.reddit.com
analysis blueteamsec cti detections +9
Use SSH on Windows, they said…„Deny Logon“ policies do not affect SSH 3 days, 9 hours ago | www.reddit.com
blueteamsec logon policies ssh +1

Jobs in InfoSec / Cybersecurity

Find Talent

Sr. IT Internal Auditor

@ CCC Intelligent Solutions | Chicago (Green St), IL
View on infosec-jobs.com

Sr. Principal Product Manager

@ Forcepoint | USA - Remote
View on infosec-jobs.com

Principal Software Engineer

@ Rapid7 | NIS Belfast
View on infosec-jobs.com

Consultant as Network & Security Administrator ( Cloud Oriented )

@ Teamwork Corporate | Moka, Mauritius
View on infosec-jobs.com

Access Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 1000) client
View on infosec-jobs.com

Associate, Technology Audit

@ BlackRock | AT8 - 725 Ponce de Leon Ave NE, Atlanta
View on infosec-jobs.com