Rcegan – Medium

Rcegan

Pinned

Published in

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

One of the biggest hurdles for a burgeoning detection engineer is convincing your business that you need detection engineering.

Oct 5, 2024

From Zero to Expert level Detection Engineering with Elastic’s Maturity Model

Oct 5, 2024

Pinned

Published in

The Structure and Taxonomy of a Detection Knowledge Base

One of the most critical aspects of a detection engineering program is the documentation. Without documentation, your SOC is flying blind…

May 9, 2024

The Structure and Taxonomy of a Detection Knowledge Base

May 9, 2024

Pinned

How I take notes as a Cybersecurity Engineer

As you’ll probably be able to relate, I love reading. In particular, I love reading about cybersecurity. Ever since I was a kid, I was…

Jan 10, 2023

How I take notes as a Cybersecurity Engineer

Jan 10, 2023

Published in

Re-Writing the Playbook — A detection-driven approach to Incident Response

When was the last time you looked at one of your incident response playbooks?

Oct 15

Re-Writing the Playbook — A detection-driven approach to Incident Response

Oct 15

Published in

Do you know your Detection Surface?

Attackers think in graphs, defenders think in… Confluence pages?

Jun 2

Do you know your Detection Surface?

Jun 2

Published in

If you’ve ever worked within security engineering or as an analyst producing any kind of output in…

For the purposes of this post, we’ll be focusing on the very beginning of a detection development pipeline — the use case intake process…

Dec 29, 2024

If you’ve ever worked within security engineering or as an analyst producing any kind of output in…

Dec 29, 2024

Recently I’ve been connecting up all my different home lab services to Discord as a central…

First, you’ll need to create a Discord server and create an integration. You can find out [how to do that…

Mar 2, 2024

Recently I’ve been connecting up all my different home lab services to Discord as a central…

Mar 2, 2024

The Joy of Using Excalidraw for Everything

As a heavy Obsidian user, I’ve come to rely on for it many of my day to day tasks. As a security engineer, I’m regularly having to create…

Feb 17, 2024

A basic diagram created in Excalidraw demonstrating a basic Command and Control (C2) architecture.

Feb 17, 2024

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

In one of my blogs a very long time ago, I wrote about some discrepancies I found in the Defender file creation events in Microsoft…

Feb 7, 2024

Why you shouldn’t deploy the Azure Monitor Agent on Client Devices, and the Cost of Closing…

Feb 7, 2024

You should be Exploiting your Procrastination

Procrastination is something that afflicts all of us without exception — a perceived kind of mental vulnerability that exists within…

Jan 26, 2024

You should be Exploiting your Procrastination

Jan 26, 2024

Rcegan

Rcegan

Security Engineer with a focus on Microsoft Sentinel, the Defender stack, and a bit of Splunk. Opinions are my own. Hack the planet.

Following

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech