splunk Archives

Anton Ovrutsky
April 4, 2022
No Comments

Azure and Azure Active Directory Monitoring Use Cases

Azure and Azure Active Directory Monitoring Use Cases https://www.lares.com/wp-content/uploads/2021/08/wang-binghua-0ubN_9HHILs-unsplash-scaled.jpg 1522 2048 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg April 4, 2022 April 4, 2022

Intro Wrangling data exposed by various Azure services is a daunting challenge. Because numerous tables exist with many available data types, finding the table with a particular Azure action or…

Anton Ovrutsky
January 6, 2022
No Comments

Kubernetes Hunting & Visibility

Kubernetes Hunting & Visibility https://www.lares.com/wp-content/uploads/2022/01/grid-ged8ced39f_1280.jpg 1280 905 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg January 6, 2022 January 6, 2022

Intro Enterprise workloads are increasingly shifting to modern micro-service architectures. This shift can potentially mean that visibility, hunting, and defensive frameworks lag behind their traditional on-premises architectures and deployments. The…

Anton Ovrutsky
October 26, 2021
No Comments

Sysmon for Linux Test Drive

Sysmon for Linux Test Drive https://www.lares.com/wp-content/uploads/2021/10/adam-snow-qJIDBmk4l3Y-unsplash.jpeg 1090 727 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg October 26, 2021 October 26, 2021

If you have been within planetary orbit of our Purple Team, you will know that we are huge fans of Sysmon. You can imagine our excitement when Microsoft announced that…

Anton Ovrutsky
April 2, 2021
No Comments

Emails and Malicious Macros – What Can Go Wrong?

Emails and Malicious Macros – What Can Go Wrong? https://www.lares.com/wp-content/uploads/2021/04/joshua-aragon-BMnhuwFYr7w-unsplash-scaled.jpg 2048 1365 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg April 2, 2021 April 2, 2021

Intro A few months ago, we published a blog post that examined the telemetry available through Office 365, including email visibility. If you read the blog and thought to yourself,…

Anton Ovrutsky
November 23, 2020
No Comments

Taking a Look at Office 365 Logs

Taking a Look at Office 365 Logs https://www.lares.com/wp-content/uploads/2020/11/oskars-sylwan-Xjg8t1KO26o-unsplash-jpg.jpg 1090 727 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg November 23, 2020 November 24, 2020

Intro Office 365 enables productivity and collaboration among teams and business units. As it’s utilization grows in popularity, productivity tools become increasingly attractive targets to attackers. So often attack chains…

Anton Ovrutsky
October 5, 2020
No Comments

WFH Lateral Movement TTPs

WFH Lateral Movement TTPs https://www.lares.com/wp-content/uploads/2020/10/hybrid-8iN-YTPHAEw-unsplash.jpg 800 533 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg October 5, 2020 October 6, 2020

WFH Lateral Movement TTPs With the increase of remote working arrangements due to the ongoing pandemic, corporate endpoints are now located far beyond the standard corporate perimeter. This presents attackers…

Anton Ovrutsky
July 14, 2020
No Comments

Hunt Fast: Splunk and tstats

Hunt Fast: Splunk and tstats https://www.lares.com/wp-content/uploads/2020/07/fabio-oyXis2kALVg-unsplash.jpg 1090 818 Anton Ovrutsky Anton Ovrutsky https://www.lares.com/wp-content/plugins/ultimate-member/assets/img/default_avatar.jpg July 14, 2020 July 14, 2020

Intro One of the aspects of defending enterprises that humbles me the most is scale. Enabling different logging and sending those logs to some kind of centralized SIEM device sounds…

splunk

Sysmon for Linux Test Drive

Emails and Malicious Macros – What Can Go Wrong?

Taking a Look at Office 365 Logs

WFH Lateral Movement TTPs

Hunt Fast: Splunk and tstats

Call Us

Email Us

©2025 Lares, a Damovo Company | All rights reserved.