Saniye Nur
Blue Team Lab — AWS Security Incident Investigation with Splunk
Hello,
6 min read · Jan 19, 2024

Saniye Nur
Recovering Active Directory
Welcome to the last content of the year. It seems ironic that I will close this year with Active Directory, but I also mentioned AD…
13 min read · Dec 21, 2023

Saniye Nur
Defensive Strategies Against AD Misconfigurations
Defensive Strategies Against AD Misconfigurations: Basic Principles to Know
7 min read · Nov 23, 2023

Saniye Nur
Splunk: Data Manipulation
Data manipulation in products like Splunk refers to various operations performed to make data more meaningful and useful. These products…
9 min read · Oct 22, 2023

Saniye Nur
A look into the Preparation phase of the Incident Response
An observed occurrence within a system refers to an event, incident, or happening that is noticed, recorded, or detected within that…
8 min read · Sep 10, 2023

Saniye Nur
Incident Response Framework’s Second Phase: Understanding Identification & Scoping
Understanding Security Alert Nature: Explore the nature of security alerts and their implications within the context of incident response.
11 min read · Sep 4, 2023

Saniye Nur
Blended Two Machines and Its Solution
I realized that I haven’t solved the machine-challenge for a long time. And I realized that I missed a lot.
10 min read · Aug 19, 2023

Saniye Nur
Docker Host Security and Docker Forensics
What if we get a vulnerable WebApp (say RCE/CI) running on a Kubernetes pod?
17 min read · Jul 23, 2023

Saniye Nur
Cloud DFIR -2-
We said “Next article will talk about EC2 Incident Response and Forensic Analysis, Margarita Shotgun, a Remote Memory Acquisition Tool…
8 min read · Jun 11, 2023