Sec Savvy

Blogs

Learning notes, cybersecurity reflections, and certification journey posts organized by context.

Module 3: Windows Event Logs & Finding Evil

CDSA HTB Academy Module 3

My CDSA Module 3 notes on Windows Event Logs, Sysmon, ETW, SilkETW, Get-WinEvent, and practical detection scenarios.

htb-academy cdsa windows-event-logs

Module 3: Skill Assessment

CDSA HTB Academy Module 3

My CDSA Module 3 skill assessment notes using Get-WinEvent, Sysmon logs, XML parsing, and timeline pivots across DLL hijacking, unmanaged PowerShell, LSASS dumping, and strange PPID behavior.

htb-academy cdsa skill-assessment

Module 2: Security Monitoring & SIEM Fundamentals

CDSA HTB Academy Module 2

A practical overview of SIEM fundamentals, the Elastic Stack, ECS/KQL querying, SOC tiering, triage workflow, MITRE ATT&CK mapping, and detection engineering use cases.

htb-academy cdsa soc

Module 1: Incident Handling Process

CDSA HTB Academy Module 1

Key lessons from studying incident handling through HTB Academy and CDSA preparation, covering preparation, detection, containment, recovery, post-incident activity, and where AI can help.

htb-academy cdsa incident-response