You are browsing the archive for Incident Response.

The Future of SOC

December 8, 2022 in Incident Response, SOC, Triage

Over last few years we moved away from a SOC that used to be almost solely focused on Network and Windows events and artifacts (probably a strong fintech bias here) […]

Adobe: JSX and JSXBIN files

September 2, 2022 in Autostart (Persistence), EDR, Incident Response

I wrote about older Adobe scripting before. I recently discovered that Adobe products support scripting using so-called ExtendScript language with code being stored either in a source-level JSX file, or […]