Alex Teixeira in Detect FYI
How to prioritize a Detection Backlog?
I started writing Medium stories in 2017 and the very first article was "How to rank Quick Wins", a fascinating topic that deserved another…
5 min read · 13 hours ago

Alex Teixeira in Detect FYI
What makes up a solid SIEM query?
After writing and peer-reviewing numerous SIEM searches, here I share some tips to help others enhance their query-foo.
9 min read · Apr 23, 2024

Alex Teixeira in Detect FYI
AI-Powered SOC: is it the end of Alert Fatigue as we know it?
If you've ever worked in an enterprise SOC, you've probably heard it before:
6 min read · Apr 2, 2024

Alex Teixeira in Detect FYI
Boost your Security Monitoring reports with Sankey Diagrams
The Pie Chart is perhaps the most prevalent data visualization type seen in security reports out there. It's easy to implement and…
4 min read · Mar 18, 2024

Alex Teixeira in Detect FYI
Unsupervised Machine Learning with Splunk: the cluster command
If you have been in cyber for long, you have probably heard this one:
7 min read · Feb 19, 2024

Alex Teixeira
Splunk ES Correlation Searches (Rules) Best & Cool Practices
The following document is by far the top accessed resource from my solo business website. Since its first release in late 2020 I've…
1 min read · Jan 15, 2024

Alex Teixeira in Detect FYI
Under the Radar: Your Detections are missing logs, every single run
If you have been developing custom detection content for a while, you likely know one of the most critical steps during the…
7 min read · Jan 9, 2024

Alex Teixeira in Detect FYI
Beyond IOCs: Contextualized Leads from Analytics-Driven Threat Hunts
Much is said about hunting hypotheses. What does that look like in practice?
8 min read · Nov 5, 2023

Alex Teixeira in Detect FYI
Navigating the crossroads of Threat Hunting & Detection Engineering
It's not hard to guess that just a few enterprise organizations today have the luxury of having both #ThreatHunting and…
5 min read · Oct 31, 2023

Alex Teixeira in Detect FYI
Why you need Data Engineering Pipelines before an enterprise SIEM
By this time you've probably heard "Data is the new oil," right? So why are so many detection engineers still dealing with log data in its…
4 min read · Oct 17, 2023