Rcegan – Medium

Rcegan

Pinned

Published in
Detect FYI

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

One of the biggest hurdles for a burgeoning detection engineer is convincing your business that you need detection engineering.

Oct 5

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

Oct 5

Pinned

Published in
Detect FYI

The Structure and Taxonomy of a Detection Knowledge Base

One of the most critical aspects of a detection engineering program is the documentation. Without documentation, your SOC is flying blind…

May 9

The Structure and Taxonomy of a Detection Knowledge Base

May 9

Pinned

How I take notes as a Cybersecurity Engineer

As you’ll probably be able to relate, I love reading. In particular, I love reading about cybersecurity. Ever since I was a kid, I was…

Jan 10, 2023

How I take notes as a Cybersecurity Engineer

Jan 10, 2023

Recently I’ve been connecting up all my different home lab services to Discord as a central…

First, you’ll need to create a Discord server and create an integration. You can find out [how to do that…

Mar 2

Recently I’ve been connecting up all my different home lab services to Discord as a central…

Mar 2

The Joy of Using Excalidraw for Everything

As a heavy Obsidian user, I’ve come to rely on for it many of my day to day tasks. As a security engineer, I’m regularly having to create…

Feb 17

A basic diagram created in Excalidraw demonstrating a basic Command and Control (C2) architecture.

Feb 17

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

In one of my blogs a very long time ago, I wrote about some discrepancies I found in the Defender file creation events in Microsoft…

Feb 7

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

Feb 7

You should be Exploiting your Procrastination

Procrastination is something that afflicts all of us without exception — a perceived kind of mental vulnerability that exists within…

Jan 26

You should be Exploiting your Procrastination

Jan 26

Published in
Detect FYI

Building a beginner’s detection lab with Defender, Sentinel, and Splunk

If you work in an MSSP as an analyst or consult a lot, you’ll likely come in contact with SIEMs, EDRs, and data sources that are new…

Jan 17

Building a beginner’s detection lab with Defender, Sentinel, and Splunk

Jan 17

January 2024 — How I currently organise my Obsidian vault as a Cybersecurity enthusiast

As I’ve talked about in previous blog posts, I use Obsidian as my main note-taking application. This is off the back of using tools like…

Jan 10

January 2024 — How I currently organise my Obsidian vault as a Cybersecurity enthusiast

Jan 10

Published in
Detect FYI

An introduction to building an effective Detection Engineering Capability

Detection Engineering is a relatively new practice within blue teams and MSSPs, which has only recently garnered popularity amongst the…

Jan 2

An introduction to building an effective Detection Engineering Capability

Jan 2

Rcegan

Rcegan

Security Engineer with a focus on Microsoft Sentinel, the Defender stack, and a bit of Splunk. Opinions are my own. Hack the planet.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams