Mastoto

Mastoto // CyberKB

Public notes

Curated reading

Featured series

Editorial paths for public readers who want a guided sequence instead of a flat archive.

View all series
Lead series

soc / multi

4 notes
38 min

SOC Universe

SOC Insight Article

SOC Universe

Open pathContext Driven Analysis
Lead series

soc / general

4 notes
1h 36m

SIEM Universe

A foundational series designed to help analysts understand the core concepts of SIEM platforms, focusing on practical usage, log analysis, and real-world investigation workflows using tools like QRadar and Microsoft Sentinel.

This series provides a structured introduction to SIEM from an analyst’s perspective. It covers how modern SIEM platforms collect, normalize, and correlate logs, and how these capabilities are used in daily SOC operations.

Open pathSIEM 101 part 1
Filter by
9 notes
0
SOCMulti

Context Driven Analysis

Kerangka kerja komprehensif untuk melakukan alert triage dan investigasi berbasis konteks pada SOC L1, L2, dan L3 agar keputusan lebih cepat, akurat, dan konsisten.

#detection#context-driven-analysis#soc#triage#l1#l2#investigation#incident-response#l3#alert-analysis
9h ago14 min
SOCMulti

SOC Escalation Containment and Handoff

Panduan operasional tentang kapan harus mengeskalasi alert, bagaimana menentukan aksi containment yang proporsional, dan bagaimana membuat handoff yang bernilai tinggi di SOC.

#containment#soc#l1#l2#incident-response#l3#escalation#handoff#operations
1d ago8 min
SOCMulti

SOC Detection Engineering and Use Case Lifecycle

Panduan tentang bagaimana SOC membangun, menguji, mengoperasikan, dan memperbaiki use case detection dari ide awal sampai tuning berkelanjutan.

#sigma#siem#soc#purple-team#edr#use-case#detection-engineering#detection-lifecycle#tuning
1d ago8 min
SOCMulti

SOC Alert Triage and Prioritization Framework

Panduan untuk melakukan alert triage dan penentuan prioritas insiden SOC secara cepat, konsisten, dan berbasis risiko.

#siem#soc#prioritization#edr#l1#l2#incident-triage#alert-triage#risk-based-analysis
1d ago8 min
SOCGeneral

Microsoft Sentinel 101

Microsoft Sentinel - AI Generated Content

#siem#soc
1d ago31 min
SOCGeneral

SIEM 101 part 1

SIEM adalah singkatan dari Security Information and Event Management

#siem#soc
1d ago21 min
SOCGeneral

SIEM 101 part 2

SIEM adalah singkatan dari Security Information and Event Management

1d ago19 min
SOCGeneral

Qradar 101

QRadar 101 - AI generated Content

#siem#soc
1d ago25 min
DFIRNetwork

Wireshark Cheatsheet

Cheatsheet

2d ago12 min