Ryan Kovar

NY. AZ. Navy. SOCA. KBMG. DARPA. Splunk.

Tips & Tricks 3 Min Read

HellsBells, Let's Hunt PowerShells!

Learn some methods for hunting and detecting PowerShells, no matter the "methodology".

Tips & Tricks 3 Min Read

101 things the mainstream media doesn’t want you to know about PowerShell logging*

Go beyond the PowerPoint and learn to detect malicious PowerShell activity using Splunk.

Tips & Tricks 5 Min Read

Spotting the Adversary… with Splunk

Wondering how to find the baddies in huge volumes of data? Work with Splunk and Windows event log monitoring, and refer to the table of event codes in the NSA paper.

Security 3 Min Read

Detecting dynamic DNS domains in Splunk

Dynamic DNS has legitimate uses, but attackers can use dynamic DNS domains such as malware-evil.duckdns[.]org to change IP addresses rapidly and carry out exploitation. How do you protect against it?