4ensiX

4ensiX

FPと言ったものはFPを選んだが表示はTPになっていることに気づいた。

webshell

LetsDefend level 2 alert SOC154 - Service Configuration File Changed by Non Admin User event-id 102

Details playbook Connect Machine Verify Determine whether alert was TP or FP Choose Incident Type What is the initial access method used in the attack? Determines Scope of Threat/Risk to the Organization What is the persistence method used…