Author Archives: SANS Blog

A blog about web scraping methods, use cases, challenges, and how to overcome them. Continue reading Undercover Operations: Scraping the Cybercrime Underground→

A blog about developing cyber threat intelligence (CTI) metrics. Continue reading Beyond Meh-trics: Examining How CTI Programs Demonstrate Value Using Metrics→

Exploring the power of the PEAK Threat Hunting framework Continue reading SANS Threat Analysis Rundown in Review: Breaking Down December 2024’s Discussion→

A blog about the ipdate to the SANS SEC587 OSINT course. Continue reading SEC587: Advanced Open-Source Intelligence Course Update – What’s New?→

A blog about the latest update to Siftgrab, including a new function that generates several preformatted Excel workbooks. Continue reading A Prescription for Windows Prefetch Analysis→

A blog about the importance of ICS/OT cybersecurity awareness training. Continue reading ICS Cybersecurity Awareness: Strengthening Critical Infrastructure Through Practical Skill Deployment→

A blog about the EU’s new financial sector cybersecurity regulations, DORA and TIBER-EU Continue reading DORA’s Role in Enhancing Cybersecurity for EU Finance→

A blog summarizing the US Government’s OIG report on CISA’s Automated Indicator Sharing program Continue reading Reflections on the US Government’s OIG Report on CISA’s Automated Indicator Sharing Program→

私がいつも言っている通り、「攻撃者は怠け者」です。要は、彼らは常に最も抵抗の少ない道を進むのです。防御側が彼らの戦術、技術、手順を習得するにつれ、攻撃能力と防御能力の非対称的なギャップは縮小し、攻撃者は戦場、戦略の変更を余儀なくされ、何度も繰り返されるゲームは延々と続くことになります。… Continue reading Defensible Security Architecture and Engineering: Designing and Building Defenses for the Future (Japanese)→