{"id":73,"date":"2024-07-04T11:49:29","date_gmt":"2024-07-04T11:49:29","guid":{"rendered":"http:\/\/www.seclink.info\/?page_id=73"},"modified":"2024-09-14T05:33:22","modified_gmt":"2024-09-14T05:33:22","slug":"threat-blog","status":"publish","type":"page","link":"https:\/\/www.seclink.info\/cn\/threat-blog\/","title":{"rendered":"Threat Report"},"content":{"rendered":"<div class=\"wp-block-query is-layout-flow wp-block-query-is-layout-flow\"><ul class=\"wp-block-post-template is-layout-flow wp-block-post-template-is-layout-flow\"><li class=\"wp-block-post post-527 post type-post status-publish format-standard has-post-thumbnail hentry category-news tag-siem tag-splunk tag-threat-blog\">\n\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\"><figure class=\"wp-block-post-featured-image\"><a href=\"https:\/\/www.seclink.info\/cn\/we-did-it-second-place-in-splunk-worldwide-bots-day\/\" target=\"_self\"  ><img fetchpriority=\"high\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/www.seclink.info\/wp-content\/uploads\/2024\/11\/bots_cover-300x200.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"We did it! Second place in Splunk Worldwide BOTS Day!\" style=\"object-fit:cover;\" \/><\/a><\/figure><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\"><h2 class=\"wp-block-post-title\"><a href=\"https:\/\/www.seclink.info\/cn\/we-did-it-second-place-in-splunk-worldwide-bots-day\/\" target=\"_self\" >We did it! 
Second place in Splunk Worldwide BOTS Day!<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">On November 1, 2024, the Splunk Worldwide Boss of the SOC (BOTS) v9 concluded, and the SecLink Team secured an impressive second place out of 140 teams! The Splunk Boss of the SOC (BOTS) is an official Capture the Flag (CTF) style competition by Splunk. It tests participants\u2019 threat detection and response skills&hellip; <\/p><\/div><\/div>\n<\/div>\n\n<\/li><li class=\"wp-block-post post-512 post type-post status-publish format-standard has-post-thumbnail hentry category-techniques tag-dac tag-siem tag-sigma tag-splunk tag-threat-blog\">\n\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\"><figure class=\"wp-block-post-featured-image\"><a href=\"https:\/\/www.seclink.info\/cn\/complete-detection-as-code-dac-in-1-hour-with-detailed-steps\/\" target=\"_self\"  ><img decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/www.seclink.info\/wp-content\/uploads\/2024\/09\/glasses-300x200.png\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Complete Detection-as-Code (DAC) in 1 Hour &#8211; with Detailed Steps\" style=\"object-fit:cover;\" srcset=\"https:\/\/www.seclink.info\/wp-content\/uploads\/2024\/09\/glasses-300x200.png 300w, https:\/\/www.seclink.info\/wp-content\/uploads\/2024\/09\/glasses-16x12.png 16w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/figure><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\"><h2 class=\"wp-block-post-title\"><a href=\"https:\/\/www.seclink.info\/cn\/complete-detection-as-code-dac-in-1-hour-with-detailed-steps\/\" target=\"_self\" >Complete Detection-as-Code (DAC) in 1 Hour &#8211; 
with Detailed Steps<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">Introduction Detection as Code (DAC) is a strategic method that integrates security detection mechanisms into the software development life cycle. By treating security controls as code, an organization can automatically deploy, configure and maintain security measures throughout SIEM operation and maintenance. Perhaps many people have heard of the concept&hellip; <\/p><\/div><\/div>\n<\/div>\n\n<\/li><li class=\"wp-block-post post-468 post type-post status-publish format-standard has-post-thumbnail hentry category-techniques tag-cloud tag-mitre tag-siem tag-threat-blog\">\n\n<div class=\"wp-block-columns alignwide is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66.66%\"><figure class=\"wp-block-post-featured-image\"><a href=\"https:\/\/www.seclink.info\/cn\/cloud-secrets-management-stores\/\" target=\"_self\"  ><img decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/www.seclink.info\/wp-content\/uploads\/2024\/09\/ab6b2e9a-68ad-424a-ad82-b103eab46e6e-300x200.webp\" class=\"attachment-post-thumbnail size-post-thumbnail wp-post-image\" alt=\"Detection Rule Sharing: T1555.006 Cloud Secrets Management Stores\" style=\"object-fit:cover;\" \/><\/a><\/figure><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:33.33%\"><h2 class=\"wp-block-post-title\"><a href=\"https:\/\/www.seclink.info\/cn\/cloud-secrets-management-stores\/\" target=\"_self\" >Detection Rule Sharing: T1555.006 Cloud Secrets Management Stores<\/a><\/h2>\n\n<div class=\"wp-block-post-excerpt\"><p class=\"wp-block-post-excerpt__excerpt\">In this series of articles, we will explore TTPs based on the MITRE ATT&#038;CK framework, 
focusing on how to develop effective detection rules in different environments (cloud, enterprise, ICS) and scenarios. We will discuss practical attack scenarios, detection, response, and optimization. This is the first article in the series, primarily focusing on how to&hellip; <\/p><\/div><\/div>\n<\/div>\n\n<\/li><\/ul><\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":478,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"page-tags.php","meta":{"footnotes":""},"class_list":["post-73","page","type-page","status-publish","has-post-thumbnail","hentry"],"_links":{"self":[{"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/pages\/73","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/comments?post=73"}],"version-history":[{"count":12,"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/pages\/73\/revisions"}],"predecessor-version":[{"id":498,"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/pages\/73\/revisions\/498"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/media\/478"}],"wp:attachment":[{"href":"https:\/\/www.seclink.info\/cn\/wp-json\/wp\/v2\/media?parent=73"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}