Evidence-driven incident writeups

Select a report to view the full analysis.

Authentication

Brute Force Detection

Windows log review, anomalous patterns, TP determination, and alert tuning recommendations.

Alert ID: SEC-2025-0847 · MITRE: TA0006, T1110

Network

Beaconing Investigation

Network flow and OSINT correlation to isolate C2 traffic, contain hosts, and recommend controls.

Alert ID: NET-2025-1423 · MITRE: TA0011, T1071

Endpoint

Malware & EDR Triage

Process lineage review, persistence checks, threat intel enrichment, and remediation actions.

Alert ID: MAL-2025-0921 · MITRE: TA0002, T1059