Blue Team

The blue team is a group focused on protecting assets. This includes monitoring the security controls, the intrusion detection systems, the logs to protect the assets and identify when a security breach occurs, and raising security awareness overall (ie make the writeups human-readable for intended audiences).

These are some writeups made on our journeys in a digital landscape formed by nature’s own processes and humanoid activities and neglect throughout decades. Expect some tongue-in-cheek.

---

Security operations

• Threat intelligence
• Threat and vulnerability management
• Network traffic analysis (NTA)
• Endpoint detection and response (EDR)
• Security information and event management (SIEM)
• Digital forensics and incident response (DFIR)
• Phishing analysis and prevention
• Malware analysis

---

Security operations development

• Recent threats
• Shift left web applications
• Development security operations (DevSecOps)
• SecOpsDev documentation
• Smarter mail servers
• Deception technology

---

Endpoint mitigations

• Hardening macOS
• Hardening Windows
• Hardening GNU/Linux
• Android hardening
• iOS hardening
• Protect your PII
• Hardening Linux server
• Network mitigations
• Hardening webserver

---