In recent weeks, security professionals have been scouring their infrastructures, and the internet, for any HAFNIUM-related indicator of compromise, but this is all very retroactive work, and it tends to become more tedious when you don’t have the right detection framework in place.

Let’s recap the sequence of…

The traditional SOC is essentially controlled, in most cases, by a SIEM, e.g., Splunk. The language and inner workings of the SIEM are of paramount importance to the SOC team, and often, hiring decisions are made based on proficiency with the existing SIEM and other SOC tools. …

The lifecycle of threat detection content involves not only landscape knowledge, threat analysis, prioritization, gathering the right data sets, parsing logs, writing threat detection logic, conforming to the required data models, testing, tuning and deploying, but also continuously monitoring the deployed content for performance and health-related issues. Each…

Anvilogic

Anvilogic is a collaborative, no-code Automated Detection Engineering platform that helps SOC teams quickly deploy high-efficacy attack-pattern detection code.
