🎁 We're giving away 20 FREE SAL2 certifications 🎁
The wait is over...SAL2 is officially here 🚀 Security Analyst Level 2 is the certification that proves you can investigate, decide, and lead in a real SOC. The only defensive cert that covers every domain a real L2 analyst faces!
💸 With a special launch price of $599 valid until 2 April only.
🚀 Comment, SHARE and fill in the form to enter the free cert giveaway ▶️ https://t.co/j4tOzqIjuo
❓Want to know more what SAL2 is about see here: https://t.co/DAej3B9q7j
You asked and we answered...
Because of the interest in our merch, we've decided to run a giveaway! We're offering merch bundles to 10 lucky winners (items may vary to those shown).
To enter:
🛡️ Follow us and @CysecCareers
🛡️ Retweet this tweet
Worldwide. Closes Jan 5, 2024
🚀 Exciting #Giveaway & Offer! 🎁 Save 20% on the revamped "Hands-On KQL for Security Analysts" course - now with Lifetime Access!
🎟️ Use code "ANALYST23" at checkout before 31.12.2023.
🌟 RT & follow for a chance to win a free seat! Enhance your investigation and #IncidentResponse skills.
🔗 https://t.co/qoSTNy22HM
Stay tuned for more updates!
#KQL
@TCMSecurity I have 2 build your own bundle 3 & 4 still unused. Does the upcoming change will affect this. Because I already bought most of the courses individually when it was in offer. and can’t really use the bundle on anything other than may be 2 courses. Can you pls clarify.
It was called "use case developer" in the past. Now it's called "detection engineer." Sounds fancier, I guess.
What makes a detection engineer a detection engineer?
What makes a detection an engineered detection?
Is "if x = y; alert" an engineered detection? Bite me.
People are always ready to adopt or atleast try the technology . It is the responsibility of the people who is in tech to understand what customer needs. Globalization is not always the answer for everything. Good thread👇
I have been recently binging on regional youtube channels that cover small businesses to detox myself from the Twitter clout.
A thumbnail from one such channel caught my attention recently. It read 'Start your grocery business @ Rs99'
I entered a world of local tech. 👇️
Want a quick & dirty (but supported by Microsot) way to avoid #follina Office know payloads?
Just disable "Troubleshooting wizards" by GPO
> https://t.co/0BqTFaHsUj
HKLM\SOFTWARE\Policies\Microsoft\Windows\ScriptedDiagnostics - EnableDiagnostics - 0
By CERT @banquedefrance
Raspberry robin is back again. Yesterday spent some time on working one of the incident and the found it is communicating to lot of new C2 domains registered 4 days ago.
What is Raspberry Robin? Read on for high-fidelity opportunities to detect known behaviors, & background on how we decided to cluster this activity. https://t.co/6zbmaOQXrp
@imn000f@Jean_Maes_1994 Some of the options in chrome behaves same. Try to view ssl certificate of website in chrome. Same behavior. I’m also facing the same for last 1 month, not before that
Yesterday we saw a Russian VDV officer that was operating a strange looking system. No one seemed to be able to tell me what this system was so I did some digging. I was eventually able to find out, that this is in fact a Auriga portable satellite communications station.
🧵 1/x
Many thinks small team can handle SOC, device administration and daily operations together. Eventually it fails but still management doesn’t understand
@malwrhunterteam >How do you bypass a SOC
If only people knew the number of compagnies that:
1. Don't have a SOC
2. Don't even have a single person reviewing alerts/incidents
3. Have "people" reviewing alerts/incidents, but aren't InfoSec so don't understand them
Job security in DFIR 🤷♂️