Category Index

• Personal 1
• Risk-management 1
• Certification 1
• Infosec management 2
• Strategy 2
• Malware 1
• Career 1
• Defcon 5
• Ru 5
• Siem 14
• Vpn analytics 3
• Arcsight esm 13
• Vulnerability assessment 1
• Firewall analytics 3
• Endpoint analytics 1
• Exchange 2
• Flexconnector 1
• Windows 5
• Operations 5
• Wef 1
• Rdp 1
• Local users 2
• Outlook 1

Personal

• The BeginningAugust 28, 2016

Risk-management

• Information security risk assessments and security mindsetSeptember 10, 2016

Certification

• CISSP PreparationSeptember 22, 2016

Infosec management

• Antimalware Strategy and cleaning up the act in the midst of plagueJanuary 31, 2017
• Information security objectives - Becoming of AgeDecember 10, 2016

Strategy

• Antimalware Strategy and cleaning up the act in the midst of plagueJanuary 31, 2017
• Information security objectives - Becoming of AgeDecember 10, 2016

Malware

• Antimalware Strategy and cleaning up the act in the midst of plagueJanuary 31, 2017

Career

• Unsolicited background checks suckMay 11, 2017

Defcon

• Defcon Дневники - День 4йNovember 26, 2017
• Defcon Дневники - День 2й и 3йOctober 29, 2017
• Defcon Дневники - День 1-й, часть 2September 14, 2017
• Defcon Дневники - День 1-й, часть 1August 02, 2017
• Defcon Дневники - ПланированиеJuly 10, 2017

Ru

• Defcon Дневники - День 4йNovember 26, 2017
• Defcon Дневники - День 2й и 3йOctober 29, 2017
• Defcon Дневники - День 1-й, часть 2September 14, 2017
• Defcon Дневники - День 1-й, часть 1August 02, 2017
• Defcon Дневники - ПланированиеJuly 10, 2017

Siem

• Monitoring local Windows users - Pt. 2 - Tracking deleted user accountsMay 31, 2020
• Monitoring local Windows users - Pt. 1 - Tracking new user accountsApril 13, 2020
• Catching successful RDP connections with ArcSight ESMJanuary 12, 2020
• Operational monitoring of WEF Log sources in ArcSightNovember 28, 2019
• Installing Custom FlexConnector for the Exchange Admin Audit LogsAugust 22, 2019
• Getting MS Exchange Admin Logs details with the custom PS scriptJuly 18, 2019
• Developing custom ArcSight parser for the Sysmon logsMay 30, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.3May 15, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.2April 14, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.1March 26, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt.3February 16, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 2January 30, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 1January 26, 2019
• What to consider before buying SIEMFebruary 24, 2018

Vpn analytics

• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt.3February 16, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 2January 30, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 1January 26, 2019

Arcsight esm

• Monitoring local Windows users - Pt. 2 - Tracking deleted user accountsMay 31, 2020
• Monitoring local Windows users - Pt. 1 - Tracking new user accountsApril 13, 2020
• Catching successful RDP connections with ArcSight ESMJanuary 12, 2020
• Operational monitoring of WEF Log sources in ArcSightNovember 28, 2019
• Installing Custom FlexConnector for the Exchange Admin Audit LogsAugust 22, 2019
• Getting MS Exchange Admin Logs details with the custom PS scriptJuly 18, 2019
• Developing custom ArcSight parser for the Sysmon logsMay 30, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.3May 15, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.2April 14, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.1March 26, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt.3February 16, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 2January 30, 2019
• ArcSight - AnyConnect VPN Correlation Rules Pack - Pt. 1January 26, 2019

Vulnerability assessment

• Basic perimeter auditing and analysisFebruary 27, 2019

Firewall analytics

• ArcSight - Basic CheckPoint Rule Pack Pt.3May 15, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.2April 14, 2019
• ArcSight - Basic CheckPoint Rule Pack Pt.1March 26, 2019

Endpoint analytics

• Developing custom ArcSight parser for the Sysmon logsMay 30, 2019

Exchange

• Installing Custom FlexConnector for the Exchange Admin Audit LogsAugust 22, 2019
• Getting MS Exchange Admin Logs details with the custom PS scriptJuly 18, 2019

Flexconnector

• Installing Custom FlexConnector for the Exchange Admin Audit LogsAugust 22, 2019

Windows

• Monitoring local Windows users - Pt. 2 - Tracking deleted user accountsMay 31, 2020
• Outlook macro to automate classification labels in mail subjectApril 26, 2020
• Monitoring local Windows users - Pt. 1 - Tracking new user accountsApril 13, 2020
• Catching successful RDP connections with ArcSight ESMJanuary 12, 2020
• Operational monitoring of WEF Log sources in ArcSightNovember 28, 2019

Operations

• Monitoring local Windows users - Pt. 2 - Tracking deleted user accountsMay 31, 2020
• Outlook macro to automate classification labels in mail subjectApril 26, 2020
• Monitoring local Windows users - Pt. 1 - Tracking new user accountsApril 13, 2020
• Catching successful RDP connections with ArcSight ESMJanuary 12, 2020
• Operational monitoring of WEF Log sources in ArcSightNovember 28, 2019

Wef

• Operational monitoring of WEF Log sources in ArcSightNovember 28, 2019

Rdp

• Catching successful RDP connections with ArcSight ESMJanuary 12, 2020

Local users

• Monitoring local Windows users - Pt. 2 - Tracking deleted user accountsMay 31, 2020
• Monitoring local Windows users - Pt. 1 - Tracking new user accountsApril 13, 2020

Outlook

• Outlook macro to automate classification labels in mail subjectApril 26, 2020