Introduction: When I talk about EDRs in this article, I mean a combination of endpoint protection (EPP) and endpoint detection and response (EDR). I also want to define the term “evasion” in the context of EDRs and malware. When I talk about the fact that it is or has been …
Yearly Archives: 2023
Incident Response Playbooks and Workflows
Cybersecurity Terms
Inspect RDP traffic in Wireshark
Wireshark RDP resources: Looking for a way to capture and inspect RDP traffic in Wireshark? You’ve come to the right place! SSLKEYLOGFILE: Many applications, including browsers, support the SSLKEYLOGFILE environment variable with a path to a text file where TLS pre-master secrets are dumped. This format is supported by Wireshark …