7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

https://7ms.us/

7MS #495: Desperately Seeking a Super SIEM for SMBs - Part 5


Today we continue our SIEM/SOC evaluation series with a closer look at one particular managed solution and how it fared (very well) against a very hostile environment: the Light Pentest LITE pentesting course! Spoiler alert: this solution was able to detect:

  • RDP from public IPs
  • Password spraying
  • Kerberoasting
  • Mimikatz
  • Recon net commands
  • Hash dumping
  • Hits on a "honey domain admin" account
  • Users with non-expiring passwords
  • Hits on the SSH/FTP/HTTP honeypot


 November 17, 2021  39m