Robert Sterio
LetsDefend: SOC104 — Generic Malware Detected (SOC PoV)
An alert has come into the channel; the rule being triggered is due to a potential malware file being detected.
Oct 20, 2022

Robert Sterio
LetsDefend: SOC101 — Phishing Mail Detected (SOC PoV)
An alert has come into the channel; the rule being triggered is due to a potential phishing email.
Oct 12, 2022

Robert Sterio
LetsDefend: SOC142 — Multiple HTTP 500 Response (SOC POV)
An incident has appeared in the channel; the rule that’s been triggered appears to be several 500 Internal server error responses.
Oct 11, 2022

Robert Sterio
LetsDefend: SOC175 — PowerShell Found in Requested URL CVE-2022-41082 (SOC PoV)
An event has appeared in the SOC live channel, we can see a note stating this is a new rule for a zero day vulnerability “This zero-day…
Oct 7, 2022

Robert Sterio
LetsDefend: SOC143 — Password Stealer Detected (SOC PoV)
An incident has come into the channel; the event being generated is “Password Stealer Detected” from the exchange server logs.
Oct 6, 2022