This blog post is the first part of a two-part series, sharing practical tips on dealing with large volumes of information on vulnerabilities released every-single-day.

Sysmon 11.1 has been released, almost a month after the release of version 11.

I’ve been using slides like the image below for some time now in presentations and I regularly get asked how I’ve created them, so I figured to dedicate a small blog post to it.

A little more than 3 months ago, I published the first part of this series on how to harden your Office 365 environment.

The latest release of Sysmon brings a bunch of improvements and introduces EventID 23.

I’ve been a huge fan of MITREs ATT&CK framework ever since its release.