I wanted to share a good opportunity for learning Wireshark with some real-life packet capture files. In addition to providing high-level analysis, Palo Alto’s Unit 42 often has tutorials on how to use some security-related tools.
Category: Tools
Found an interesting blog post on configuring Graylog to detect threats. Hopefully the next posts they publish will follow up with actual threat detection and alerts: this first post is focused on normalizing data.
With the SolarWinds breach in the headlines, CISA has released a tool designed to help Azure and Microsoft 365 clients detect compromised accounts. Sparrow is a PowerShell script that gathers data related to potentially compromised accounts and applications in Azure or Microsoft 365.