Rcegan – Medium

Rcegan

Pinned

Published in
Detect FYI

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

One of the biggest hurdles for a burgeoning detection engineer is convincing your business that you need detection engineering.

Oct 5, 2024

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

Oct 5, 2024

Pinned

Published in
Detect FYI

The Structure and Taxonomy of a Detection Knowledge Base

One of the most critical aspects of a detection engineering program is the documentation. Without documentation, your SOC is flying blind…

May 9, 2024

The Structure and Taxonomy of a Detection Knowledge Base

May 9, 2024

Pinned

How I take notes as a Cybersecurity Engineer

As you’ll probably be able to relate, I love reading. In particular, I love reading about cybersecurity. Ever since I was a kid, I was…

Jan 10, 2023

How I take notes as a Cybersecurity Engineer

Jan 10, 2023

Published in
Detect FYI

If you’ve ever worked within security engineering or as an analyst producing any kind of output in…

For the purposes of this post, we’ll be focusing on the very beginning of a detection development pipeline — the use case intake process…

Dec 29, 2024

If you’ve ever worked within security engineering or as an analyst producing any kind of output in…

Dec 29, 2024

Recently I’ve been connecting up all my different home lab services to Discord as a central…

First, you’ll need to create a Discord server and create an integration. You can find out [how to do that…

Mar 2, 2024

Recently I’ve been connecting up all my different home lab services to Discord as a central…

Mar 2, 2024

The Joy of Using Excalidraw for Everything

As a heavy Obsidian user, I’ve come to rely on for it many of my day to day tasks. As a security engineer, I’m regularly having to create…

Feb 17, 2024

A basic diagram created in Excalidraw demonstrating a basic Command and Control (C2) architecture.

Feb 17, 2024

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

In one of my blogs a very long time ago, I wrote about some discrepancies I found in the Defender file creation events in Microsoft…

Feb 7, 2024

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

Feb 7, 2024

You should be Exploiting your Procrastination

Procrastination is something that afflicts all of us without exception — a perceived kind of mental vulnerability that exists within…

Jan 26, 2024

You should be Exploiting your Procrastination

Jan 26, 2024

Published in
Detect FYI

Building a beginner’s detection lab with Defender, Sentinel, and Splunk

If you work in an MSSP as an analyst or consult a lot, you’ll likely come in contact with SIEMs, EDRs, and data sources that are new…

Jan 17, 2024

Building a beginner’s detection lab with Defender, Sentinel, and Splunk

Jan 17, 2024

January 2024 — How I currently organise my Obsidian vault as a Cybersecurity enthusiast

As I’ve talked about in previous blog posts, I use Obsidian as my main note-taking application. This is off the back of using tools like…

Jan 10, 2024

January 2024 — How I currently organise my Obsidian vault as a Cybersecurity enthusiast

Jan 10, 2024

Rcegan

Rcegan

Security Engineer with a focus on Microsoft Sentinel, the Defender stack, and a bit of Splunk. Opinions are my own. Hack the planet.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams