1 Case / 1 Protection / 1 Threat / 1 KQL
Sergio Albea Case :UB2.C7 -Manage Device Logs – UB2.C7.K1 -Clean/Remove Device Logs Protection :UB2.C7.K1.P1 – Restrict access to Device Logs– Audit access to Device Logs– Backup Device Logs Threat :UB2.C7.K1.T1 – Lost…
2025
(UB3.C4.K1) Threat Hunting via Autonomous System Numbers (ASN)
Months ago, I wrote an article (How non-secure ISPs Aid Attackers in Evading Detection) discussing how some malicious actors use certain Internet Service Providers (ISPs) that I categorized as risky.…