Advent of Cyber 2024 Day 4 | TryHackMe Walkthrough

Logs showing admin access, escalation of privileges, patched systems behaving differently, and security tools triggering alerts. The SOC team misinterpreted the system modifications as a sign of an insider threat or rogue attacker and decided to launch an investigation using the Atomic Red Team framework.

Learning Objectives

Learn how to identify malicious techniques using the MITRE ATT&CK framework.
Learn about how to use Atomic Red Team tests to conduct attack simulations.
Understand how to create alerting and detection rules from the attack tests.

Видео Advent of Cyber 2024 Day 4 | TryHackMe Walkthrough канала Aaron