Linux auditd for Threat Detection [Final]Mapping behaviors to auditd log eventsMar 21, 2023A response icon2Mar 21, 2023A response icon2
Linux auditd for Threat Detection [Part 2]Part 1: Linux auditd for Threat Detection [Part 1]Feb 10, 2023A response icon2Feb 10, 2023A response icon2
Linux Auditd for Threat DetectionA few years ago, I was asked to define an auditd configuration which would serve as the primary detection technology for a large…Jan 26, 2022A response icon4Jan 26, 2022A response icon4
How To Fail OSCPAn unorthodox take on an OSCP experience.Apr 27, 2019A response icon1Apr 27, 2019A response icon1
![Linux auditd for Threat Detection [Final]](https://miro.medium.com/v2/resize:fill:160:106/1*q4m0bdvgQP-SHGfNmXCVSw.png)
![Linux auditd for Threat Detection [Final]](https://miro.medium.com/v2/resize:fill:320:214/1*q4m0bdvgQP-SHGfNmXCVSw.png)
![Linux auditd for Threat Detection [Part 2]](https://miro.medium.com/v2/resize:fill:160:106/1*HcrjO1BIFruixsqteLuq_w.png)
![Linux auditd for Threat Detection [Part 2]](https://miro.medium.com/v2/resize:fill:320:214/1*HcrjO1BIFruixsqteLuq_w.png)
