Mitre rules.xlsx
29.2 KB
📚 یک سری از یوزکیس های مربوط به MITRE ATT&CK که دید و ایده های خوبی برای نوشتن یوزکیس های بهتر ایجاد میکند .
#security
#splunk
#USECASE
@Engineer_Computer
#security
#splunk
#USECASE
@Engineer_Computer
Practical_Splunk_Search_Processing_Language_A_Guide_for_Karun_Subramanian.pdf
8.4 MB
🧬 Detections: 0 / 60
🔖 File name: Practical_Splunk_Search_Processing_Language_A_Guide_for_Karun_Subramanian.pdf
🔒 File type: PDF
📁 File size: 8 MB
🔬 First analysis
• 2020-11-24 11:31:03
🔭 Last analysis
• 2023-08-10 03:55:07
🎉 Magic
• PDF document, version 1.4, 231 pages
⚜️ Link to VirusTotal
#splunk #Book
@Engineer_Computer
🔖 File name: Practical_Splunk_Search_Processing_Language_A_Guide_for_Karun_Subramanian.pdf
🔒 File type: PDF
📁 File size: 8 MB
🔬 First analysis
• 2020-11-24 11:31:03
🔭 Last analysis
• 2023-08-10 03:55:07
🎉 Magic
• PDF document, version 1.4, 231 pages
⚜️ Link to VirusTotal
#splunk #Book
@Engineer_Computer
📍ویژگی های جدید در اسپلانک ۹.۱.۱
🔗https://community.splunk.com/t5/Splunk-Tech-Talks/New-Enhancements-with-Splunk-Enterprise-9-1/ba-p/648837
#splunk
@Engineer_Computer
🔗https://community.splunk.com/t5/Splunk-Tech-Talks/New-Enhancements-with-Splunk-Enterprise-9-1/ba-p/648837
#splunk
@Engineer_Computer
Jit_Sinha_Ultimate_Splunk_for_Cybersecurity_Practical_Strategies.pdf
8.1 MB
📘 این راهنمای ضروری برای تقویت امنیت سایبری خود با Splunk را از دست ندهید!
📚 Ultimate Splunk for Cybersecurity
#Splunk
@Engineer_Computer
📚 Ultimate Splunk for Cybersecurity
#Splunk
@Engineer_Computer
Media is too big
VIEW IN TELEGRAM
The highlight command in Splunk is used to visually highlight specific terms or phrases in the search results displayed on the Events tab. Here's how it works:
دستور «highlight» در Splunk برای برجسته کردن بصری جملات یا عبارات خاص در نتایج جستجوی نمایش داده شده استفاده میشود. در اینجا نحوه کارنمایش داده شده است .
#splunk #command #highlight
@Engineer_Computer
دستور «highlight» در Splunk برای برجسته کردن بصری جملات یا عبارات خاص در نتایج جستجوی نمایش داده شده استفاده میشود. در اینجا نحوه کارنمایش داده شده است .
#splunk #command #highlight
@Engineer_Computer
باج افزاری که از بیت لاکر ویندوز علیه ما استفاده میکند
به همراه کانتنت های اسپلانک
#اسپلانک #امنیت
#splunk
https://www.splunk.com/en_us/blog/security/shrinklocker-malware-abusing-bitlocker-to-lock-your-data.html?utm_source=linkedin&utm_medium=social-media&linkId=594262321
@Engineer_Computer
به همراه کانتنت های اسپلانک
#اسپلانک #امنیت
#splunk
https://www.splunk.com/en_us/blog/security/shrinklocker-malware-abusing-bitlocker-to-lock-your-data.html?utm_source=linkedin&utm_medium=social-media&linkId=594262321
@Engineer_Computer
Splunk
ShrinkLocker Malware: Abusing BitLocker to Lock Your Data | Splunk
The Splunk Threat Research Team shares their findings and methodologies to aid the cybersecurity community in combating ShrinkLocker effectively.
♨️ AttackRuleMap
🔺 پروژه مپ Atomic Red Team بر روی
🔘 Splunk ESCU ( در حال تکمیل/فعلا ویندوز )
🔘 Sigma Rules
🔗 https://attackrulemap.netlify.app/
#sigma #Splunk #ESCU #BlueTeam #SOC
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
🔺 پروژه مپ Atomic Red Team بر روی
🔘 Splunk ESCU ( در حال تکمیل/فعلا ویندوز )
🔘 Sigma Rules
🔗 https://attackrulemap.netlify.app/
#sigma #Splunk #ESCU #BlueTeam #SOC
Please open Telegram to view this post
VIEW IN TELEGRAM
attackrulemap.netlify.com
ARM - AttackRuleMap
Mapping of open-source detection rules and atomic tests.
❤4🤯1😱1🎉1🤩1
Network Security Channel
🔹 Share & Support Us 🔹 📱 Channel : @Engineer_Computer
🛡 Wazuh Mastery Pack · 15 of 15 — Wazuh vs Other SIEMs
The honest take, after operating most of them in production:
✅ Where Wazuh wins:
• No license cap — ingest as much as you want
• Built-in EDR (FIM, SCA, Active Response, rootkit checks)
• Compliance mappings out of the box
• Lightweight agents, multi-OS, easy enrollment
⚠️ Where Wazuh struggles:
• No native UEBA / ML-driven anomaly detection
• OpenSearch-based, slower than Splunk's SPL
• Dashboards less polished than commercial tools
• Community-driven support (paid tier exists)
The decision tree I actually use:
🔹 Tight budget + need SIEM + EDR + compliance → Wazuh, every time
🔹 Big budget + need ML / UEBA / fast search → Splunk
🔹 Need flexibility above all, willing to DIY → ELK
🔹 Already have OSSEC → migrate to Wazuh today
Wazuh isn't the best at any single thing. It's the best free SIEM/XDR that ships with everything in one box. Pair it with good engineering, and you outperform stacks that cost 50× more.
That's a wrap on the 15-part series. Thanks for reading along — and to everyone who commented, shared, or DM'd me with feedback: it kept me writing.
The full PDF pack is pinned to my profile if you missed earlier sheets.
#Wazuh #SIEM #Splunk #ELK #CyberSecurity #BlueTeam #SOC #InfoSec #OpenToWork
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
The honest take, after operating most of them in production:
✅ Where Wazuh wins:
• No license cap — ingest as much as you want
• Built-in EDR (FIM, SCA, Active Response, rootkit checks)
• Compliance mappings out of the box
• Lightweight agents, multi-OS, easy enrollment
⚠️ Where Wazuh struggles:
• No native UEBA / ML-driven anomaly detection
• OpenSearch-based, slower than Splunk's SPL
• Dashboards less polished than commercial tools
• Community-driven support (paid tier exists)
The decision tree I actually use:
🔹 Tight budget + need SIEM + EDR + compliance → Wazuh, every time
🔹 Big budget + need ML / UEBA / fast search → Splunk
🔹 Need flexibility above all, willing to DIY → ELK
🔹 Already have OSSEC → migrate to Wazuh today
Wazuh isn't the best at any single thing. It's the best free SIEM/XDR that ships with everything in one box. Pair it with good engineering, and you outperform stacks that cost 50× more.
That's a wrap on the 15-part series. Thanks for reading along — and to everyone who commented, shared, or DM'd me with feedback: it kept me writing.
The full PDF pack is pinned to my profile if you missed earlier sheets.
#Wazuh #SIEM #Splunk #ELK #CyberSecurity #BlueTeam #SOC #InfoSec #OpenToWork
🔹 Share & Support Us 🔹
📱 Channel : @Engineer_Computer
❤1