
When Family Becomes a Risk Vector: Reflections on the Sweet Bobby Case
What would you do if someone close to you manipulated your life for years? The Sweet Bobby case is a real example of how even family ties can become risk vectors. I wrote a post analyzing this shocking case and the lessons it offers us on protecting our privacy and emotional well-being.
In this article, I analyze this impactful case and share key lessons we can apply to safeguard our privacy and emotional well-being in an increasingly digital world.

Threat Hunting with Osquery in Kibana — Part 1
In the intricate landscape of cybersecurity, the essential utility of Threat Hunting with Osquery in Kibana lies in enabling security teams to proactively and automatically analyze threats.

How to Create Log Threshold Rules in Elastic Observability
In this article, we will delve into why monitoring data sources in your organization is crucial and learn how to set up rules that will alert us when the transmission of logs from these sources stops.

Elasticsearch Alert Configuration
After delving into everything related to Elastic Agent policies and integrations, which you can read about here, and in the previous article where we explored the integration of a remote team (Fortigate) through a collector, let's see what comes next.

Integration of FortiGate Firewall with Elasticsearch
In our continuous pursuit of optimizing data and event management, we continue our integrations using Elastic Agent. In our previous article, we demonstrated how to collect events from various logging channels in Windows systems, with a focus on “Windows Firewall” and the identification of “Windows events”.

Elastic Agent - Policies and Integrations
Elastic Agent policies are a set of predefined configurations that determine what types of data should be collected and how they should be collected. This encompasses aspects like metrics, logs, and other relevant data for system monitoring and management.

What is Elastic Agent, and how does it work?
Have you heard of Elastic Agent? If you're interested in efficient monitoring and management of your systems and devices, you're in the right place. In this article, I provide a comprehensive overview of what it is and how it works.

Monitoring Systems
To conclude this series of publications on the 6 elements to consider when implementing a SOC, we proceed to present the one regarding to "Monitoring Systems".

Necessary security control tools
As usual, this week we continue with the 6 elements to consider when implementing a SOC. Today it is the turn for the second-last item on our list, and it is the "necessary security control tools".

Infrastructure Environment
Continuing with "6 elements to consider when implementing a SOC", this week we are going to introduce element #4: "Infrastructure Environment".

Adequate staffing
On this occasion, it is time to talk about the third element that we have considered important to take into account when implementing a SOC: "Adequate staffing".

6 elements to consider when implementing a SOC
As everyone knows, cyber threats are constantly evolving, which has forced companies to implement an expert team capable of detecting, analyzing, responding, reporting, and preventing cybersecurity incidents. The cybersecurity operations center (SOC) is that body called upon to fulfill this important task.

Policies and procedures of a SOC
Following up on the topic we started last week: "6 elements to consider when implementing a SOC", today we are going to take a closer look at the second element, which refers to the policies and procedures of a SOC.