A New Era of Security
Cyberattacks are now more common than ever. They can reach a global scale and cause harm and losses on a huge scale to individuals as well as businesses.
It has become more crucial than ever to be self-aware and protected from as many threats as we can.
On this website I share my journey as a Cybersecurity Consultant and my findings. Stay tuned for more stuff and enjoy your time being here. Hope you find these things useful.
Security audits are really necessary, as they help us identify our biggest anomalies and play a crucial role in making a company more secure and protecting it from unknown risks.
SIEM and SOAR Solution
In today’s world, where there is an abundance of data and incidents happen every minute, a SIEM and a SOAR solution are really important for dealing effectively and efficiently with cyber threats. An example of such a solution is Microsoft Azure Sentinel. Check out my blogs for more information on Azure Sentinel as a SIEM.
Threat Intelligence & Hunting
Organizations all around the world spend millions of dollars on cybersecurity. Such organizations release a lot of threat intelligence, and it has become important to have those feeds in our environment to make sure those threats are blocked. Check out below for such threat intelligence feeds in my findings.
What to do when an Incident occurs?
The 6 stages for an Incident Response plan are: Preparation, Identification, Containment, Eradication, Recovery and Lessons Learned.
"There are only two types of companies: those that have been hacked, and those that will be"
– Robert Mueller
FBI Director, 2012
Our Approach to Security and Blogs
How to Deploy Anti-Ransomware Kill Switch on File Server
Log in to the file server as admin. Open Server Manager and install the File Server Resource Manager role if it is not installed. After installing, reboot the server. Once it is up, open PowerShell as admin and run the following script. # DeployCryptoBlocker.ps1 # Version: 1.1...
Azure Sentinel Training- Sentinel SIEM- A Complete Guide
Table of Contents Introduction What is SIEM and SOAR? What is Azure Sentinel? Azure Sentinel Pricing Log Analytics and Azure Sentinel Overview Deep Dive and Deployment Workspace Data Connectors Analytics Rules Hunting Rules Workbooks Automation Threat Intelligence...
How to Track Active Directory Account and Group Membership Changes?
Audit Active Directory Account and Group Membership Changes to Azure Sentinel. Currently, Microsoft Azure Sentinel does not ingest Active Directory user account and group membership changes and audit. The recent connector “Security Events” is built in to ingest...
Monday-Friday: 8am – 5pm
It's never too late to get started. Remember: it's not “if something happens”, it's “when it happens”.