EDR (Endpoint Detection & Response)- CLOUDSTRIKE-CARBONBLACK→ Secures endpoint devices only (laptops, servers, VMs).→ Focus is endpoint telemetry + detection + containment. Endpoint Detection and Response (EDR): EDR kicks in after a threat bypasses traditional defenses. It provides continuous monitoring, detection, and response capabilities for advanced threats and zero-days. • EDR helps in threat hunting, forensic… Read More »
What are your Daily EDR & SIEM Tasks for answering in Interviews On a daily basis, I monitor SIEM and EDR alerts and quickly triage them to separate real threats from false positives using process trees, log correlation, and user behavior. I respond to endpoint incidents by isolating infected machines, killing malicious processes, and supporting… Read More »
We need to place the script to add tomcat to start automatically upon reboot inside the init.d directory. Follow the below steps: cd etc/init.d/ touch tomcat vi tomcat Modify the java version and path as required marked in red in the content which will be pasted in tomcat file, and also the home directory where tomcat start… Read More »