
Blog

Passing SC-200

Introduction

As a Cyber Security Analyst working daily with Microsoft Sentinel and Defender, passing the SC-200 exam was a must-have for me. Here's a detailed account of my preparation journey, the challenges I faced, and the strategies that ultimately led to success. Whether you're just starting or refining your study plan, I hope my experience helps you navigate your path to certification.

Threat Hunt - Volt Typhoon

Hypothesis

Based on the advisory from the ACSC and the WA Cyber Security Unit (DGOV Technical), and on the observations Microsoft has published about Volt Typhoon's methods, the hypothesis for this threat hunt is that the Volt Typhoon threat group is actively exploiting critical infrastructure systems within our monitored environments by employing living-off-the-land techniques. These techniques include creating domain controller installation media, establishing internal proxies, and using custom FRP executables to avoid detection and maintain persistence.

Hello world!

Setting up GitHub Pages with MkDocs to host some notes, thoughts, and experiences in Cyber Security.

Not much here yet, but I will steadily add to it as I go.