SOC Analyst vs Penetration Tester Students who are willing to pursue their career in cyber security must have a good knowledge of the sub-branches of the domain. In this article, we will discuss SOC analyst vs penetration tester work, career objectives, and scope. These two are the most important professions in the industry when we…
Details
SOC Analyst vs Threat Hunter Introduction In this article, we will discuss threat hunters vs SOC Analysts. Threat hunting is also known as cyber threat hunting. It is a process of repeatedly searching within an organization’s network to detect threats that avoid existing security solutions. Such solutions include intrusion detection systems (IDS),…
DetailsLearning Experience with SIEM XPERT
What is Splunk? Splunk is a well-developed and advanced software tool designed for organizations to perform indexing and searching log files stored in a system. It analyzes machine-generated data in real-time. It also searches, monitors, and examines machine-generated data via a web-style interface. Apart from examining machine-generated data it also captures, indexes, and correlates the…
Details
TCP and UDP Transport Protocols TCP (Transmission Control Protocol): The translation control protocol (TCP) is just a connection-oriented, reliable protocol. TCP explicitly defines connection establishment, data transfer, and connection tear-down phases to offer a connection-oriented service. TCP uses a combination of GBN and SR protocols to offer reliability. To achieve this goal, TCP uses checksum,…
Details
EDR vs MDR vs XDR Cyberattacks are increasing day-by-day. They are becoming more and more advanced and common by enterprises to crush down their competitors. This requires comprehensive cybersecurity strategies to make and then deal with cyber crimes. It includes detection and response to threats during the hunting process. Here we have explored the three…
Details
Microsoft Azure Sentinel Architecture in IT Security An introduction to the Azure Sentinel architecture, its initial configuration, and components. There is a high demand in the market for a tool that can collect data from various sources, do the correlation, and report the information in a single dashboard. Azure Sentinel is a cloud-native SIEM…
Details
What is Cross-site Scripting (XSS) Cross-site scripting is often referred to or abbreviated as XSS because it occurs on the client side. Here the attacker aims to inject some malicious scripts into the user’s web browser, by sending a link to the user and provoking the user to click it. If any action is performed…
Details
What is QRadar? IBM QRadar is an enterprise security information and event management (SIEM) product. It collects log data from an enterprise, its network devices, host assets and os (Operation System), applications, vulnerabilities, and user activities and behaviours. IBM QRadar Security Information and Event Management (SIEM) helps security teams accurately detect and prioritize threats across the…
Details
Functionality and Characteristics of OSI Model Functions of each layer in the OSI model: 1) Physical Layer It specifies the transmission media between two connecting devices. In addition, it specifies the information rate(number of bits sent each second) within the defined media. It defines the topology of the network. The topology might be Bus,…
Details