Mimecast
Azure AD Event Hubs
Cisco Umbrella
Duo Security
Google G Suite
Infoblox
Okta
Microsoft Intune
LastPass
Microsoft 365 Defender
Microsoft 365
Microsoft Defender for Cloud Apps
AWS: Getting Started Guide
AWS: Kinesis Data Stream and IAM
AWS: CloudWatch
AWS: GuardDuty
AWS: CloudTrail
AWS: VPC Flow Logs
Webroot
SentinelOne
Malwarebytes
Malwarebytes Nebula
Blackberry Cylance
CrowdStrike Falcon Endpoint Protection
ESET Endpoint Protection
Sophos Central
Symantec Endpoint Security
Trend Micro Apex One
VMware Carbon Black Response
VMware Carbon Black Managed Defense
VMware Carbon Black Endpoint Protection
Automating Windows log collection with Poshim
Advanced Microsoft Logging (GPO Template)
System Monitor (Sysmon)
Microsoft Windows Firewall
Microsoft Windows PowerShell
Microsoft Windows IIS
Microsoft Active Directory
Microsoft Windows Server
Microsoft Security Modules
Check Point Next-Gen Firewall
Cisco ASA Firewall
Cisco FTD FirePower Threat Defense
Cisco Meraki Firewall
Citrix Netscaler ADC
F5 Big-IP
Fortinet Fortigate Firewall
Palo Alto Next-Gen Firewall
Palo Alto Networks Panorama
SonicWall Next-Gen Firewall
Sophos XG Firewall
WatchGuard Firebox Firewall
Osquery
Apache Web Server
Apple Mac OS
Forescout
KnowBe4 – PhishER
Linux Auditd File Integrity Monitoring
Linux Journald
Linux Servers
Nginx Web Server
Proofpoint Advanced Threat Protection
VMware VSphere/VCenter
AaDya Security: Judy Logs
WinLogBeat Forwarding
Blumira’s Advanced Edition
Blumira Getting Started Guide
Adding a sensor in the Blumira app
Blumira Sensor Outbound Allowlist
Reinstalling or Updating a Blumira Sensor
About Blumira findings
About Blumira roles
Dynamic Blocklists and Threat Feeds
Deploy a Blumira Honeypot
Build a Blumira Sensor on Ubuntu
Cloud Connectors
How to Image Machines for Forensic Use
How to Disable Null Session in Windows
How to Disable LLMNR, Netbios, WPAD, & LM Hash
How to Configure SMB Signing
Windows – Deletion Event Log Detection Test
Duo Security – Fraudulent Push Notification
Windows – Domain Administrator Account Creation
Windows – Setting Non-Expiring Password
Windows – PowerShell Execution Policy Bypass
Office 365 Password Spraying
Honeypot – FTP Auth Test
Honeypot – HTTP Auth Test
Microsoft 365 – Inbox Forwarding Rule
Blumira Feeds: An Overview
Threat Feed: Abuse.ch SSL Blocklist
Threat Feed: Abuse.ch Feodo Tracker