Taylor Parizo

RedCanary's "Better Know a Data Source" series is great. It's a new series so they only have two posts on Files and Network Telemetry but each provides a good starting point into building detections around the respective activity.
They also source their activity from MITRE ATT&CK data sources which to me have been underrepresented since their release.

https://redcanary.com/blog/better-know-a-data-source-network-telemetry/

https://redcanary.com/blog/better-know-a-data-source-files/
#ThreatHunt #InfoSec

Better know a data source: Network telemetry - Red Canary

Network-based telemetry has long been a staple in the cybersecurity professional’s toolkit, and remains so both now and in the future.

Red Canary
Mar 20, 2024 at 5:34pmWeb