Exploring Cybersecurity Career Paths and How They Work Together: https://dispatch.thorcollective.com/p/exploring-cybersecurity-career-paths
Information Security
Detection Pitfalls You Might Be Sleeping On: https://detect.fyi/detection-pitfalls-you-might-be-sleeping-on-52b5a3d9a0c8
BPF Ninja: Making Sense of Tcpdump, Wireshark, and the PCAP World: https://medium.com/@cyberengage.org/bpf-ninja-making-sense-of-tcpdump-wireshark-and-the-pcap-world-6905797b94d4
Why is no one talking about maintenance in detection engineering? https://medium.com/falconforce/why-is-no-one-talking-about-maintenance-in-detection-engineering-ebb5820564dc
Bit ByBit - emulation of the DPRK's largest cryptocurrency heist: https://www.elastic.co/security-labs/bit-bybit
Detection Engineering Lifecycle: An Integrated Approach to Threat Detection and Response: https://detect.fyi/detection-engineering-lifecycle-an-integrated-approach-to-threat-detection-and-response-54de5bf17dba
Why Being a Tier 1 SOC Analyst Is Practically Impossible (And What to Do About It): https://medium.com/@mathias.fuchs/why-being-a-tier-1-soc-analyst-is-practically-impossible-and-what-to-do-about-it-ce5c4b39f17d
#SecurityOperationsCenter #tier1-analyst #l1-analyst
DFIR
Linux Forensics is Harder than Windows (Here’s Why): https://medium.com/@mathias.fuchs/linux-forensics-is-harder-than-windows-heres-why-cd30a4d2604d
Announcing the Official Parity Release of Volatility 3!: https://volatilityfoundation.org/announcing-the-official-parity-release-of-volatility-3/
Apples to Apples: Why macOS Forensics Can Be Easier Than Windows: https://medium.com/@mathias.fuchs/apples-to-apples-why-macos-forensics-can-be-easier-than-windows-19c9f234c1a1
ShimCache and AmCache Forensic Analysis 2025: https://www.cybertriage.com/blog/shimcache-and-amcache-forensic-analysis-2025/
Understanding Linux Service Management Systems and Persistence Mechanisms in System Compromise: https://medium.com/@cyberengage.org/understanding-linux-service-management-systems-and-persistence-mechanisms-in-system-compromise-a273d6442c36
Creating a Timeline for Linux Triage with fls, mactime, and Plaso (Log2Timeline): https://medium.com/@cyberengage.org/creating-a-timeline-for-linux-triage-with-fls-mactime-and-plaso-log2timeline-7e47514cf4da
Evidence Collection in Linux Forensics (Disk + Memory Acquisition): https://www.cyberengage.org/post/evidence-collection-in-linux-forensics-disk-memory-acquisition
Proactive Threat Hunting for Persistence: Startup Folder Abuse in Windows Environments: https://medium.com/@muhammadnamir5/proactive-threat-hunting-for-persistence-startup-folder-abuse-in-windows-environments-9281667dc7a0
Measuring the Hunt When You Find “Nothing”: https://dispatch.thorcollective.com/p/measuring-the-hunt-when-you-find
The Necessity of Active Testing – Detection Edition: https://trustedsec.com/blog/the-necessity-of-active-testing-detection-edition
A three-part series focused on optimizing security operations for long-term success:
- Part 1: Building and Leading Security Operations: The Infinite Quest: https://www.sans.org/blog/building-and-leading-security-operations-the-infinite-quest/
- Part 2: It’s Dangerous to Go Alone: A Consensus-Driven Approach to SOC Metrics: https://www.sans.org/blog/its-dangerous-to-go-alone-a-consensus-driven-approach-to-soc-metrics/
Running EZ Tools Natively on Linux: A Step-by-Step Guide: https://www.sans.org/blog/running-ez-tools-natively-on-linux-a-step-by-step-guide/
Hunting Scheduled Tasks: https://cherrabinesrine.github.io/posts/Hunting_Scheduled_Tasks/