4ensiX

I noticed that for the one I said was FP, I had selected FP but the display shows TP.

Articles from 2022-02-07 (1 day)

LetsDefend level 1 alert SOC118 - Internal Port Scan Activity event-id 51

Details playbook Define Threat Indicator Check if the malware is quarantined/cleaned Analyze Malware 0a1ca6261fdb9671495be58a5691b21f Add Artifacts End Aside Log search 172.16.17.35 344~348 ~284 EndpointManagement - Katie 141812f77bdef659d1…

LetsDefend level 1 alert SOC120 - Phishing Mail Detected - Internal to Internal event-id 52

Details playbook Parse Email Are there attachments or URLs in the email? Add Artifacts End Details EventID: 52 Event Time: Feb. 7, 2021, 4:24 a.m. Rule: SOC120 - Phishing Mail Detected - Internal to Internal Level: Security Analyst SMTP Ad…