Hello People,
BlackPerl DFIR is here to help you AMPLIFY your CYBER SECURITY knowledge.
It's not JUST about general knowledge, but we will deep dive into some areas of DFIR, Threat Hunting, Threat Intel, Security Engineering, SIEM, Malware Analysis, process overviews and what not!!
We will try to discuss our real world experience around DFIR to help you improve your skills. Since KNOWLEDGE grows by sharing, our whole intention is to share our real life experiences from working in different INFOSEC fields to help everyone get in depth.
Sounding up your alley? Hit that SUBSCRIBE button and we will see you in the comments!
-About-
We are CYBER SECURITY PROFESSIONALS who have been working in the field tackling DFIR for decades now. We have had the opportunity to work in the Digital Media, Core IT, Consumer Goods and FMG industries. Our key areas of work are INCIDENT RESPONSE, MALWARE ANALYSIS, FORENSICS ACQUISITION, MEMORY ANALYSIS and THREAT HUNTING.
** Want to set up a call? Drop a note- [email protected]
Comments
you've been talking for 20 minutes
you talk too much instead of doing this thing
can you please make a video on how I can install Cortex on Ubuntu? I tried so many times and I installed it on my machine, but when I open it in the browser on port 9001 it shows connection closed. Can you please help?
This presentation is poor. You didn't explain the difference between a playbook and a runbook, instead talking about how to create a playbook.
🎉🎉
🎉
How to set up an IOC for one ransomware attack
I'm in the same position, frustrated 🥴
11:43 PAGE you? Do you still use pagers?
5:05 Don't you all have access to that evidence folder? And why do you have only a sample and not all pieces of evidence?
the good CTF courses aren't free btw.
Hey guys, thank you for this informative video
QRadar cloud option is always loading in provisioning
Excellent, greetings from Argentina! I'm studying information security, I hope I get a team like this 😂
Thanks, it's mind blowing. Which feeds are you using, are you using a paid one? Why, and who should use paid ones?
Thanks for sharing, bro!
can anyone tell me whether, when we are discussing the plans and all things with our team, it is necessary to talk in English?
now the Twitter API is paid :) can't do this
Thanks. Please can you make a video on how to integrate MISP with Splunk? and how to generate alerts by threat hunting in a machine and get those alert notifications in Splunk via MISP and vice versa?
Interesting topic, but it would be interesting to include an open source NGFW (next generation firewall)
It's just a prototype. Feel free to contribute and raise PR
what about incognito mode ?
can you help me? When I try to log in using (ip:3443 or 3001) with an admin account, the login never works. Can you help me find a solution? Thank you, and I hope my comment gets a reply
Just wanted to add to what you said about the Communications Plan: a perfect case study of **why** this is so important is the Three Mile Island incident in Harrisburg, PA, USA. They had ZERO communications plan and it was a **NIGHTMARE**. Seriously, everyone, know your comms plans.
where is the command at 3:20? I can't find it in the description box
Hello Archan Bhaiya, Do you still have the VIP coupons available?
Please provide 11 courses bundle sale package in same price
I tried to implement it but it is giving issues at 23:31 to 24:03
It is really very informative session
Got a good info on incident response ❤ Keep posting such videos.
How much is this course now ?
academy.blackperldfir.com/learn/aws-ec2-ir 24 USD approx
No discount? @BlackPerl
Thank you, I appreciate your hard work. I followed your way but I have a problem. I am not getting the log; I fed or used ./logrun.pl, then QRadar won't show me anything, it's empty. I also installed the DSM FireEye, still nothing, even the source IP changed to my local network, when I know it's meant just for source only. I am at a dead end bro, any help please?
Thank you for making this demo. Please can you tell me, there are so many SIEM tools on the market, but you chose QRadar, why is that?
This entire video is based on the NIST concept, am I correct bro...
Yes. Partially
Hi bro, do you have any plans to provide training for SOC analyst level 1 and level 2? I would really be interested.
Check out all our courses below academy.blackperldfir.com/learn
@BlackPerl Checked the website, there is no course for SOC analyst Tier 1 and 2! 🥲 Please let me know if you ever plan to create a job-ready course for SOC in the future.
@FunNFury We run instructor led 4 month course named BlackPerl Certified Advanced Defender. We will open new registration soon. If interested, you can join.
@BlackPerl I have been looking for a SOC specialisation which is job-ready. I like your direct approach to teaching; for me it's not about the certificate, but the right skills and knowledge that are applicable at work. I will be more than happy to join if you have something focused particularly on SOC, with a short time frame.
@FunNFury Yes. Our whole course is focused on SOC: SecOps, Security Engineering, Malware Analysis, Digital Forensics, Linux IR and many more things. You can take a look below to get the full idea. However, for the new batch we are revamping our syllabus. blackperldfir.com/bcad/backup.html
Thank you so much, you are the only YouTuber who is doing everything practically; a great series of courses, quite clear.
Thank You
You nailed it bro❤❤
Hello Sir, I have a doubt. I would like to know how to parse rsyslog data from an external Kali Linux device into the QRadar machine. Do I need a QRadar EDR agent for parsing external device data into QRadar?
00:10 I'll give you support but don't expect love.. sorry
please share the github link
Thank you so much sir, you are great
Enroll here- academy.blackperldfir.com/learn/ch-dc-bundle-2023 Coupon Code- HOHOHO2023 to get 50% Off
Hello, I was trying to build a SOAR with Elastic SIEM + TheHive + Cortex + Teams, but I don't know how to create the Elastic SIEM with Elasticsearch and Kibana only. Please, do you have a video or a GitHub repository for it? Thanks!
Can you make a separate video on how to apply for internships? And how to likely get accepted, like the tricks we need to get the internship?
Great! Thanks for sharing!
Hi @BlackPerl, could you please share the mapping chart and guide us with more details on how to map a threat group into the MITRE ATT&CK framework
If i want to learn more about Binalyze where can I start? Are there any tutorials that have to be followed in a particular order?
Very informative video 👍
Great video tutorial and it works perfectly; unfortunately for the webhook connector in ELK you need a subscription to activate it. Do you have another tutorial on activating it without a subscription?
nice video tutorial. Many people go to school just to learn all this stuff. Thank you so much.