SurfRid3r's Highlights on 'Microsoft Sentinel UEBA reference'

What are Parsing Rules? • Cortex XSIAM Documentation • Palo Alto Networks documentation portal

docs-cortex.paloaltonetworks.com/r/Cortex-XSIAM/Cortex-XSIAM-Documentation/What-are-Parsing-Rules

Apr 22, 2025

理解 LSTM 网络 -- colah 的博客 --- Understanding LSTM Networks -- colah's blog

colah.github.io/posts/2015-08-Understanding-LSTMs/

Apr 21, 2025

67 Weird Debugging Tricks Your Browser Doesn't Want You to Know

alan.norbauer.com/articles/browser-debugging-tricks

前端JS对抗

May 14, 2024

Design discussion · Issue #14 · trojan-gfw/trojan

github.com/trojan-gfw/trojan/issues/14

ToRead

May 14, 2024

Forward thinking: How adversaries abuse Office 365 email rules

redcanary.com/blog/o365-email-rules-mindmap/

Exchange

O365

May 14, 2024

Art of Anti Detection 1 – Introduction to AV & Detection Techniques – Pentest Blog

pentest.blog/art-of-anti-detection-1-introduction-to-av-detection-techniques/

AntiVirus

Mar 9, 2024

Web LLM 攻击 – HADESS --- Web LLM Attacks – HADESS

hadess.io/web-llm-attacks/

Mar 7, 2024

中间人如何识别代理流量 | gd1214b's blog

www.gd1214b.icu/post/Wmy6lTJ40/

加密流量

Feb 8, 2024

Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments | CISA

www.cisa.gov/news-events/cybersecurity-advisories/aa21-008a

Jan 23, 2024

Introducing AI-powered investigation in Chronicle Security Operations | Google Cloud Blog

cloud.google.com/blog/products/identity-security/rsa-introducing-ai-powered-investigation-chronicle-security-operations

GPTSecurity

Jan 22, 2024

mdecrevoisier/Microsoft-eventlog-mindmap: Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...

github.com/mdecrevoisier/Microsoft-eventlog-mindmap

ThreatHunt

EventLog

O365

Jan 16, 2024

PowerPoint Presentation

i.blackhat.com/USA-20/Thursday/us-20-Bienstock-My-Cloud-Is-APTs-Cloud-Investigating-And-Defending-Office-365.pdf

O365

Jan 16, 2024

vmess协议设计和实现缺陷可导致服务器遭到主动探测特征识别(附PoC) · Issue #2523 · v2ray/v2ray-core

github.com/v2ray/v2ray-core/issues/2523

加密流量

Jan 15, 2024

【机器学习概率统计】01 理论基石：条件概率、独立性与贝叶斯_【机器学习概率统计】01 理论基石:条件概率、独立性与贝叶斯-CSDN博客

blog.csdn.net/weixin_43716250/article/details/109706290

概率论

Jan 7, 2024

Microsoft Sentinel UEBA reference

learn.microsoft.com/en-us/azure/sentinel/ueba-reference

UEBA

Microsoft Sentinel

Jan 7, 2024

Microsoft Sentinel UEBA 参考

learn.microsoft.com/zh-cn/azure/sentinel/ueba-reference

UEBA

Jan 7, 2024

Function reference | Machine Learning in the Elastic Stack [8.11] | Elastic

www.elastic.co/guide/en/machine-learning/current/ml-functions.html

UEBA

Jan 7, 2024

Identifying the Subject | Exabeam Documentation Portal

docs.exabeam.com/en/content/all/exabeam-security-content-cim/common-information-model/using-the-common-information-model-to-create-custom-content/identifying-the-subject.html

SIEM

Jan 7, 2024

Common Information Model Interface | Exabeam Documentation Portal

docs.exabeam.com/en/content/all/exabeam-security-content-cim/common-information-model/common-information-model-interface.html

SIEM

Jan 7, 2024

为什么乙方安全业务难做 – 边窗

peirs.net/why-cyber-security-business-is-hard-to-get-benefit/

CyberSecurity

杂记

Jan 7, 2024

Artificial intelligence for cybersecurity: Literature review and future research directions

www.sciencedirect.com/science/article/pii/S1566253523001136

ToRead

Jan 7, 2024

如何判断一家游戏公司是否靠谱？ – 游戏葡萄

youxiputao.com/article/25780

Misc

ToRead

Jan 7, 2024

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV | Microsoft Security Blog

www.microsoft.com/en-us/security/blog/2018/09/27/out-of-sight-but-not-invisible-defeating-fileless-malware-with-behavior-monitoring-amsi-and-next-gen-av/

无文件

Fileless

Jan 7, 2024

Use entities to classify and analyze data in Microsoft Sentinel

learn.microsoft.com/en-us/azure/sentinel/entities

Microsoft Sentinel

Jan 7, 2024

Practical Deep Learning for Coders - Practical Deep Learning

course.fast.ai/

ToRead

Jan 7, 2024

Console Utilities API 参考文档 | DevTools | Chrome for Developers

developer.chrome.com/docs/devtools/console/utilities?hl=zh-cn

前端JS对抗

Jan 7, 2024

Console Utilities API 参考文档 | DevTools | Chrome for Developers

developer.chrome.com/docs/devtools/console/utilities

前端JS对抗

Jan 7, 2024

Bro4Pros16_JohnAlthouse.pdf

old.zeek.org/current/slides/Bro4Pros16_JohnAlthouse.pdf

threathunt

主动探测

加密流量

ThreatHunt

Jan 7, 2024

Microsoft Sentinel 机器学习引擎检测的异常情况

learn.microsoft.com/zh-cn/azure/sentinel/anomalies-reference

UEBA

Jan 4, 2024

Artificial intelligence for cybersecurity: Literature review and future research directions

www.sciencedirect.com/science/article/pii/S1566253523001136?via%3Dihub

CyberSecurity

Dec 12, 2023

四层负载均衡漫谈 | 卡瓦邦噶！

www.kawabangga.com/posts/5301

负载均衡

Dec 8, 2023

可以发送到 Microsoft Sentinel 的 Windows 安全事件

learn.microsoft.com/zh-cn/azure/sentinel/windows-security-event-id-reference

Microsoft Sentinel

Nov 28, 2023

在 Microsoft Sentinel 中使用实体对数据进行分类和分析

learn.microsoft.com/zh-cn/azure/sentinel/entities

Microsoft Sentinel

Nov 28, 2023

Console Utilities API reference - Chrome for Developers

developer.chrome.com/docs/devtools/console/utilities/

前端JS对抗

Nov 22, 2023

Notion – The all-in-one workspace for your notes, tasks, wikis, and databases.

www.notion.so/rfast-pulic/wh1t3p1g-s-blog-2286fc15ff4a4a2e83b6d1aeb9b0ecf8

Jan 18, 2023