SOC Analyst Investigation Cheat Sheet – Data Sources & Artifacts
Source: DTEX Systems or Joe Security (Automated Analysis)
Why it's effective: A dense, 2-page PDF that lists exactly what to look for in:
Investigation relies on the ability to "pivot." If you find a suspicious IP address, you pivot to see which hosts connected to it. If you find a host, you pivot to see which processes ran.
Analysts must be proficient in examining diverse data sources to uncover malicious activity.