Nathan Hueck, "Detecting Systems from External connections to port 445, using Splunk, XQL, and KQL Queries." (5d ago): Computers and devices connected to external sources, especially over vulnerable ports such as 445, are susceptible to various cybersecurity…
Nathan Hueck, "Seamless Integration of Cortex and Panorama with QRadar: Enhancing Your Security Operations." (Aug 2): In today's complex cybersecurity landscape, integrating diverse security tools is essential to maintain a robust defence mechanism. One…
Nathan Hueck, "KQL, XQL, AQL and Splunk scripts use cases detecting Volt Typhoon Malware in Critical…" (Jun 19): Introduction to Detecting Volt Typhoon Malware in Critical Infrastructure
Nathan Hueck, "KQL, XQL, AQL, and Splunk script use cases to detect JavaScript Obfuscation attack" (Jun 19): Introduction
Nathan Hueck, "KQL, XQL, and Splunk script to identify executable files in the Windows temp folder, removable and…" (Jun 7): We can begin with a comprehensive approach to identifying executable files in the Windows temp folder using KQL (Kusto Query Language), XQL…
Nathan Hueck, "Detecting malicious JavaScripts within SMTP flow (Using KQL, XQL and Splunk scripts)." (May 29): Introduction
Nathan Hueck, "KQL and Splunk scripts to identify specific Windows Security Events with user accounts!" (May 24): As you may already know, identifying user account behaviour is crucial. Therefore, a script designed to identify specific Windows…
Nathan Hueck, "(Splunk use case & KQL) Scripts to detect a user account logged in to several endpoint devices." (May 9): KQL:
Nathan Hueck, "Practicing Threat Modeling for DAR/DIM/DIU protection." (Mar 29): Today I will talk about the importance of threat modeling to protect data in all its instances: Data at Rest (DAR), Data in Motion (DIM)…