Aleksandar Matevin in Detect FYI: Spotting the Gaps: Effective Monitoring of Log Flow in Splunk
Ensuring the reliability and completeness of log data in Splunk is essential for maintaining a robust security posture. Our solution…
Aug 12

Aleksandar Matevin in Detect FYI: Impair Defenses [T1562.012]: Detect Linux Audit Logs Tampering (Part 2)
In the first part of this series, I highlighted the critical role of the Linux Audit Daemon (auditd) in maintaining system security by…
Jun 21

Aleksandar Matevin in Detect FYI: Impair Defenses [T1562.012]: Detect Linux Audit Logs Tampering (Part 1)
The Linux Audit Daemon, or auditd, is a key component of the Linux Auditing System, operating in user space to gather and save audit log…
May 11

Aleksandar Matevin in Detect FYI: The Effortless Solution: Automating IOCs Lookup Table Updates in Splunk
May 3