Chronicle SIEM Rule – Identify Successful Login After 4 Failed Attempts

This is a high-level representation of how a SIEM rule in Chronicle might look to detect a scenario where a user account experiences multiple failed logins (due to invalid credentials) followed by a successful login. The rule is tailored for authentication logs from sources like Okta, Duo, and Google Workspace. Here’s a breakdown of what […]

CRIBL Intro

In today’s complex and ever-changing IT environment, it’s more important than ever to have a comprehensive observability solution that can help you collect, analyze, and act on data from all of your systems and applications. Cribl is an observability pipeline that gives you the freedom to make choices that best serve your business without the

Elevating Cybersecurity with Google SOAR and Security Command Center

In the dynamic realm of cybersecurity, organizations face a relentless barrage of threats that necessitate innovative solutions. Traditional security measures are increasingly inadequate against the onslaught of sophisticated attacks. This is precisely where the synergy of Google’s Security Orchestration, Automation, and Response (SOAR) platform and the Google Security Command Center (SCC) comes to the rescue.

Upgrade to ESXi v8 Using the ESXCLI Command Line

In a previous blog post, I demonstrated how easy it was to upgrade vCenter v7.0U3 to v8.0 and now want to show two methods of upgrading ESXi Hosts. If you have hosts that are managed by vCenter, I will demonstrate how to upgrade those with vCenter Life Cycle Manager (LCM) in my next blog post.
