Cyber Incident Investigation with Splunk | TryHackMe Investigating with Splunk

Показать описание

In this video walk-through, we covered investigating a cyber incident with splunk. We investigated the events generated on compromised windows machines and uncovered the attack artifacts.
********
Splunk Training Playlist
******
Receive Cyber Security Field Notes and Special Training Videos
*******
Writeup
*********
Instagram
Twitter
Facebook
LinkedIn
Website
Patreon
Backup channel
My Movie channel:
******

Motasem Hamdan | Cyber Security & Tech

Рекомендации по теме

Комментарии

Thanks a lot! The part of cyberchef was simply insane!

amigazo

in every person have easily understand your splunk videos. thank you for your video.

jinshadta

Good demo. Tip... You forgot to quote the net user search. It should have been "net user" because it's a phrase with a space between.

CayoBuay

Hello. Can you share the link for the list of Event IDs, thanks

ycyleben

Thanks for this amazing learning exerience.Can you guide me from where you have taken list of various Event id's?

B_B

Thank you very much...this was very insightful!! Just have a doubt though..In this case we have the questions which makes it easier to input the commands in the Search Header.. But in a real time scenario how do we start the search? I am preparing for interviews for SOC Analyst position and come from a non-it background.. Thank you

AvinashSharma-mt

Thanks a million Its extremely helpful for newbie like me (i start feeling more confident with your help)

ДмитрийКузнецов-яд

Great video, could you recommend a comprehensive list of Win Event IDs?

kartibok

Where can one find a copy of the cybersecurity/Blue Team manual you used?

CaptainAwesome

What do you use to find event ids, the page your refer to?

mwaygp

can you please give me the "investigating logs" notes for free? this one only

vinaypatel

Hi, it was good explaining splunk video 👌.
I want help in finding the good understanding cyber security,
How I can understand events in good way ?
I certainly that u find that url and encoded and all that work, how i can be like u, is there any map or fundamentals that I should follow?
And again thank u 🙏🏻

فاطمة-ققد

Do you have your notes shared somewhere that we can take a look at?

dfmu

how can we find that particular eventid is new user creation?

allaboutthecyberworld

Cyber Incident Investigation with Splunk | TryHackMe Investigating with Splunk

Cyber Incident Investigation with Splunk | TryHackMe Investigating with Splunk

Cyber Incident Response with Splunk | TryHackMe Incident Handling with Splunk

Cyber Incident Investigation with Splunk | TryHackMe Investigating with Splunk : 06

SIEM In Seconds - Splunk ES Overview - Incident Review

Investigating a Windows Intrusion Attack with Splunk | TryHackMe Investigating with Splunk

Splunk Basics Tutorial for Beginners | Cyber Security

Cyber Incident Investigation with Splunk | Investigation With Tryhackme using Splunk : 03

Master Cyber Attack Investigation with This Splunk Tutorial!

💻 Master the Splunk Web Interface and Preferences!!! 💻

What to do with a Virus Infection as a SOC Analyst | Cybersecurity Day in Life

SOC 101: Real-time Incident Response Walkthrough

Splunk Tutorial for Beginners (Cyber Security Tools)

Ransomware Investigation with Splunk | TryHackMe PS Eclipse

Investigating with Splunk - Tryhackme -

Investigate an Infected Machine with Splunk | TryHackMe Benign

Cybersecurity Threat Hunting Explained

how to CORRECTLY read logs as a Cybersecurity SOC Analyst

LIVE: Ransomware Investigation | Cybersecurity | Splunk | Blue Team |

SIEM In Seconds - Splunk ES Overview - Investigation Workbench

Web Incident Investigation with Splunk | Tryhackme Investigation with Splunk:09

Splunk Security Investigations, Part 1: Threat Detection

SecOps In Seconds: Prioritizing Incidents for Investigation in Splunk Mission Control

How to use splunk to analyze a realtime log | Splunk tutorial

Incident Handling with Splunk | Reconnaissance Phase | TryHackMe