Categories: General

SOC Analyst 101 Part 2: Analyst Mindset

If you haven’t already, please read my prior SOC Analyst 101 posts: "Part 0: Overview & Prerequisites" and "Part 1: Logs & Security Models". In part 1 we covered the basics of security models and logs, and at the end I gave you some homework to explore how to read logs. If you have not done so, I recommend checking out the resources section in part 1.

SOC Analyst 101 Part 1: Security Models & Logs

This is part 1 of the SOC Analyst 101 blog series. If you have not, please make sure to read the previous primer post “SOC Analyst 101 Part 0: Overview & Prerequisites”. At this point you have determined that you would like to further pursue a career as a SOC Analyst. You might have gained a few certifications, made a network HomeLab, and/or worked through some other educational resources.

Threat Intelligence Analysis of APT41

Executive Summary

An Advanced Persistent Threat (APT) can be defined as a sophisticated actor or group that conducts cyber-attacks in pursuit of various objectives, which can include financial gain or espionage. The APT41 group (ID: G0096) is a Chinese state-sponsored group that is associated with the name “WICKED PANDA” and conducts operations against a variety of sectors, mostly targeting the video game industry. The goals of APT41 have been observed to be theft of intellectual property and financial gain, as the group has stolen source code, stolen digital certificates to sign malware, and deployed ransomware.

Disclaimer

This blog series is not representative of processes or procedures that are unique to my employer or any other company. This article series is meant to provide information that is agnostic and to educate those who aspire to be a cybersecurity analyst.

Overview

Purpose of This Blog

The goal of this series is to provide insight into working in cybersecurity (specifically an analyst role) to anyone, technically skilled or not. I was inspired to write this blog series after having many people inquire about how to get into working in the defensive side of cybersecurity, which is commonly an analyst role and which has been my first position in security.

I've wanted to go to Defcon since I first heard about it many years ago. I was always intimidated from a lack of confidence in pursuing knowledge in the information technology world to go. I removed this confidence barrier in my mind and have been learning about the IT world for a year and a half. Now I finally felt ready to go participate in my first Defcon.

Preparation

Preparing for Defcon involved a tremendous amount of googling since I have no family or friends who have been before (or are into tech like this).