Detect patterns over time, Identify anomalies and outliers, Build actionable alerts, Generate SOC metrics for dashboards

The fundamentals of querying data—filtering logs, selecting the right fields, and sorting results.

What KQL is, Why it is critical for SOCs, How analysts use it daily, Common misconceptions and best practices.

Explore how AI empowers both sides of the security equation, the emerging purple team collaborations that unite them, and the governance needed to keep innovation secure.

Explore what Google dorks are, how to use them effectively, and provide real-world examples for practical use.

A compromise of Salesloft’s GitHub kicked off a supply‑chain campaign that used stolen OAuth tokens from Drift to export data at scale from Salesforce.

APT36—also known as Transparent Tribe, Mythic Leopard, ProjectM, and Earth Karkaddan—is a Pakistan-based advanced persistent threat (APT) group active since at least 2013.

How to deploy the OpenCTI (Open Cyber Threat Intelligence) platform within Docker, enabling you to aggregate and analyze threat intelligence in one place.

This article breaks down the tools you can use to fight back against phishing emails, from simple checks to more advanced techniques.

Security Onion SIEM setup guide. Network security monitoring, intrusion detection, and log management

This guide will show you how to setup a Wazuh on a home proxmox server and connect your Windows clients for security monitoring.