http://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching SOC Analyticsen-usMon, 03 Apr 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/security-analytics-using-silk-and-mothra-to-identify-data-exfiltration-via-the-domain-name-service/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.Timothy ShimeallMon, 03 Apr 2023 00:00:00 -0400https://www.sei.cmu.edu/blog/security-analytics-using-silk-and-mothra-to-identify-data-exfiltration-via-the-domain-name-service/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSOC Analyticshttps://www.sei.cmu.edu/blog/security-analytics-tracking-software-updates/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post presents an analytic for tracking software updates from official vendor locations.Timothy ShimeallTue, 21 Jun 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/security-analytics-tracking-software-updates/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSOC Analyticshttps://www.sei.cmu.edu/blog/security-analytics-tracking-proxy-bypass/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post describes how to track the amount of network traffic that is evading security proxies for services that such proxies are expected to cover.Timothy ShimeallMon, 25 Apr 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/security-analytics-tracking-proxy-bypass/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSOC Analytics