Posts

Article Series

#cryptology fundamentals #incident response #introduction to malware analysis #network analysis with wireshark #network security and management #python for hackers #sentinelone edr #threat hunting walkthroughs #wazuh siem

Sep 29, 2025 in Threat Hunting Walkthroughs

Threat Hunting with CTI Walkthrough — LetsDefend

Cyber Threat Intelligence (CTI) refers to the information collected, evaluated, and analyzed about cyber threats. It includes how, where, and by whom cyber attacks are carried out, the targets of the attacks, and the techniques used. CTI helps …

Read More →
Sep 21, 2025 in Threat Hunting Walkthroughs

Threat Hunting with SIEM Walkthrough — LetsDefend

In today's digital world, the number and complexity of cyber threats are increasing rapidly. Developing an effective defense strategy against these threats is becoming more challenging every day. In this context, SIEM Systems and Threat Hunting …

Read More →
Sep 20, 2025 in Threat Hunting Walkthroughs

Threat Hunting with Firewalls Walkthrough — LetsDefend

Firewall logs are a critical source of data for monitoring network traffic and analyzing security incidents. During threat hunting, firewall logs are used to detect potential threats, identify anomalies, and respond to security incidents quickly and …

Read More →
Sep 19, 2025

Microsoft's Cloud-First Strategy and Data Privacy

In recent years, Microsoft has clearly adopted a “cloud-first” approach, positioning its products — such as Windows Server, identity management, and others — to integrate closely with the Azure cloud. For example, Microsoft's documentation …

Read More →
Sep 19, 2025

Microsoft's Cloud-Focused Strategy

Microsoft has clearly adopted the "cloud-first" approach in recent years; Windows Server is positioning itself to integrate its identity management and other products with the Azure cloud. For example, Microsoft documentation emphasizes that Windows …

Read More →
Aug 29, 2025 in Incident Response

TheHive Incident Response Platform

TheHive is designed as an open source Security Incident Response Platform (SIRP). Focuses on incident management, team-based collaboration and threat intelligence integration. TheHive's core functions include collecting alarms, converting them into …

Read More →
Aug 27, 2025

Security Onion for Security Analysts

Security Onion is an open source security platform and was developed by cybersecurity experts. Essentially, it offers functions such as network visibility, computer visibility, intrusion detection, log management, and event management.

Read More →
Aug 19, 2025 in Network Security and Management

Network Management and Security X: SOC and NOC Processes

SOC (Security Operations Center) and NOC (Network Operations Center) are two central structures that complement each other but have different focuses. NOC monitors an organization's network infrastructure, system performance and service continuity …

Read More →
Aug 17, 2025

Ensuring Persistence for SOC Analysts Comprehensive XDR Analysis Guide

In cyber security operations, persistence is one of the most critical stages that allows an attacker to leave a permanent footprint on the system. This makes it possible for the attack to reach its long-term goals beyond the initial access vector …

Read More →
Aug 12, 2025 in Network Security and Management

Network Management and Security IX: Cloud Security and Hybrid Network Architectures

Digital transformation has irreversibly changed the enterprise IT landscape. Moving from static, on-premises data centers to dynamic, scalable and innovative cloud environments is no longer a trend, but a fundamental business imperative. Driven by …

Read More →