SecureBug allows you to evaluate your offensive and defensive skills and to exchange ideas and methodologies with thousands of people in the security field.

Demystifying SIEM Rules and SIEM Use Cases

Security Information and Event Management (SIEM) is the foundation of a Security Operations Center (SOC), as it can be used for several purposes. SIEM delivers actionable alerts that provide context and data to help investigate a potential incident or unusual behavior and to detect something never seen before. SIEM organizes data of timeline, systems, and affected users…

What Is Operational Impacts?

As with any security assessment, risk is what moves an organization to act. Operational Impacts are a Red Team’s tool to demonstrate risks. This is one of the most effective methods of showing risk to an organization’s senior leadership. Operational Impacts are actions or effects performed against a target designed to demonstrate physical, informational and…

Proactive vs Reactive: Why You Need to Take a Proactive Approach to Cybersecurity

As the world has developed, organizations have started to connect more of their processes to cyberspace. A company’s reputation, intellectual property (IP), staff, and customers are at risk of being compromised. To properly protect their assets, enterprise businesses need a solid cybersecurity strategy in place. New threats are emerging regularly; estimations show 300,000 new…

Detect File and Directory Permissions Modification with this free Splunk Detection Rule

File and directory permissions are commonly managed by discretionary access control lists (DACLs) specified by the file or directory owner. File and directory DACL implementations may vary by platform, but generally they are explicitly designated so that users/groups can perform actions (i.e., read, write, execute, etc.). Adversaries may modify file or directory permissions/attributes to evade intended…