A Blue Teamer’s Primer to Traffic Investigation
Nov 4 · 6 min read
Alert::Unknown IP
A few things come to mind for an infosec analyst or engineer when reviewing network monitoring alerts, and even more when the alert points to something that is clearly a possible malicious event.
Things that might spike the blood pressure a bit:
Dynamic_DNS_CheckIP_Call
Geo_Location::RU…

