Aug 16
How to Use MITRE ATT&CK in SOC
Using MITRE ATT&CK in a Security Operations Center (SOC) can greatly enhance threat detection and response capabilities. Here are the steps to effectively utilize the MITRE ATT&CK framework in a SOC:
Familiarize Yourself with MITRE ATT&CK
Understand the purpose and structure of the MITRE ATT&CK framework. Explore the ATT&CK website (https://attack.mitre.org/)…
Soc · 3 min read

Aug 2
RDP Event logs tracking 4624 / 4625
Event ID 4624 is generated in the Windows Security Log when a successful logon occurs on a local computer. This event is generated on the computer that was accessed, meaning that it is the computer where the logon session was created. …
Soc · 3 min read