Incident response tools

RSS

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: The Series

March 20, 2024

Remote Desktop Protocol: Exposed RDP (is dangerous)

Security Operations

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: Exposed RDP (is dangerous)

March 20, 2024

Remote Desktop Protocol: Queries for Investigation

Security Operations

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: Queries for Investigation

March 20, 2024

Remote Desktop Protocol: How to Use Time Zone Bias

Security Operations

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: How to Use Time Zone Bias

March 20, 2024

Remote Desktop Protocol: Executing the 4624_4625 Login Query

Security Operations

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: Executing the 4624_4625 Login Query

March 20, 2024

Remote Desktop Protocol: Executing the External RDP Query

Security Operations

incident response

Incident response tools

MDR

query

RDP

Sophos X-Ops

Remote Desktop Protocol: Executing the External RDP Query

March 20, 2024

AI Research

Free tools

Incident response tools

open source

Security Operations

Threat hunting tools

YARA

YaraML

An open-source ML toolkit for automatically generating YARA rules

August 25, 2022