SOC Experts Community - Beta
in Use Cases by (1.2k points)

1 Answer

by (620 points)

By using security solutions (IPS, IDS, Firewall, Anti-virus, etc.) in your environment and forwarding the logs to a centralized system for analysis, like a SIEM.

1. Detecting WannaCry Infections via Anti-virus Logs

2. Detecting EternalBlue Exploits via IDS Logs

3. Detecting widespread SMB Scans via Network Flows and Firewall Logs

4. Detecting WannaCry kill-switch connection attempts via Web Proxy Logs

5. Detecting WannaCry execution via Windows Event Logs
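
Use case 3 from the answer above, sketched as detection logic; this is an added example, not part of the original post. It flags any source that contacts many distinct hosts on TCP/445 inside a sliding window. The log format, the 60-second window and the threshold of 20 are assumptions, and all records are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445                   # TCP port used by SMB
WINDOW = timedelta(seconds=60)   # assumed sliding window
THRESHOLD = 20                   # assumed distinct-destination limit

def parse(line):
    """Parse one record in the assumed 'ts src dst proto dport action' format."""
    ts, src, dst, proto, dport, action = line.split()
    return datetime.fromisoformat(ts), src, dst, proto.lower(), int(dport), action

def detect_smb_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Map each source to its peak count of distinct TCP/445 destinations
    inside one window, keeping only sources that reach the threshold."""
    recent = defaultdict(deque)  # src -> (ts, dst) pairs still inside the window
    peaks = {}
    for ts, src, dst, proto, dport, _ in sorted(map(parse, lines)):
        if proto != "tcp" or dport != SMB_PORT:
            continue             # denied and allowed attempts both count
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:
            q.popleft()
        distinct = len({d for _, d in q})
        if distinct >= threshold:
            peaks[src] = max(peaks.get(src, 0), distinct)
    return peaks

def sample_log():
    """Constructed records: a sweep, a file-server client, a slow source, web noise."""
    t0 = datetime(2024, 1, 1, 9, 0, 0)
    rec = lambda s, src, dst, port, act: (
        f"{(t0 + timedelta(seconds=s)).isoformat()} {src} {dst} tcp {port} {act}")
    lines = [rec(i, "10.0.0.23", f"10.0.1.{i + 1}", 445, "deny") for i in range(40)]
    lines += [rec(2 * i, "10.0.0.8", "10.0.1.200", 445, "allow") for i in range(30)]
    lines += [rec(10 * i, "10.0.0.40", f"10.0.2.{i + 1}", 445, "deny") for i in range(25)]
    lines += [rec(i, "10.0.0.9", f"198.51.100.{i + 1}", 443, "allow") for i in range(30)]
    return lines

if __name__ == "__main__":
    for src, n in detect_smb_scanners(sample_log()).items():
        print(f"ALERT possible SMB scan: {src} reached {n} hosts on TCP/445 within {WINDOW}")
```

Counting distinct destinations rather than raw connections keeps a busy client of a single file server from alerting; the threshold still needs tuning against hosts that legitimately fan out on 445, such as vulnerability scanners and backup servers.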
