Evidence Resources
abathelt edited this page Jan 8, 2021 · 2 revisions
This section contains information about the evidence at the analyst's disposal.
It is a compilation of information about data sources. Each page describes a data source, how to access it, and the fields it contains.
Internal Intelligence
- SIEM
- Logs
- Antivirus
- NSM (Network Security Monitoring)
- Malware Analysis
- Other teams
Domain and IP
Network
Disk
Threat Intel
Friendly Intel