IzyKnowsLinux auditd for Threat Detection [Final]Mapping behaviors to auditd log eventsMar 21, 20232Mar 21, 20232
IzyKnowsLinux auditd for Threat Detection [Part 2]Part 1: Linux auditd for Threat Detection [Part 1]Feb 10, 20231Feb 10, 20231
IzyKnowsLinux Auditd for Threat DetectionA few years ago, I was asked to define an auditd configuration which would serve as the primary detection technology for a large…Jan 26, 20221Jan 26, 20221
![Linux auditd for Threat Detection [Final]](https://miro.medium.com/v2/resize:fill:160:106/1*q4m0bdvgQP-SHGfNmXCVSw.png)
![Linux auditd for Threat Detection [Final]](https://miro.medium.com/v2/resize:fill:320:214/1*q4m0bdvgQP-SHGfNmXCVSw.png)
![Linux auditd for Threat Detection [Part 2]](https://miro.medium.com/v2/resize:fill:160:106/1*HcrjO1BIFruixsqteLuq_w.png)
![Linux auditd for Threat Detection [Part 2]](https://miro.medium.com/v2/resize:fill:320:214/1*HcrjO1BIFruixsqteLuq_w.png)
