Adam Gardner

Regex in the Trenches: A SOC Analyst’s Guide to Hunting IOCs (Part 2 — Practical Patterns for Analysts)

regex, iocs, soc analyst, siem, yara, sigma, suricata, splunk, dfir, threat hunting, incident response
Splunk Survival Series — Part 4: Hunting Like a Pro

#Splunk #SOC #ThreatHunting #CyberSecurity #Regex #SecurityOperations #DigitalForensics #DetectionEngineering #SplunkSearch #DFIR #InfoSec
Regex in the Trenches: A SOC Analyst’s Guide to Hunting IOCs (Part 1 — Core Concepts)

#Regex #ThreatHunting #SOC #DFIR #Cybersecurity #Splunk #YARA #Sigma #Suricata
Splunk Survival Series — Part 3: Regex and Field Extractions

#SplunkSurvivalSeries #Splunk #Regex #LogParsing #FieldExtractions #Cybersecurity #SIEM #BlueTeam #SOCLife #DetectionEngineering #DFIR #LogAnalysis #RexCommand
Cyber Pulse: CVEs Diagnosed by a Paramedic Turned Analyst

ToolShell in the Wild — CVE‑2025‑53770 & CVE‑2025‑53771 Sometimes the vitals don’t lie, and in this…
Not Just a Resume — Cybersecurity Is My Life

This is me — not in a suit, not posing for the 9 to 5. Just…
Locked Out of My Own Spine: A Real-Life Incident Response Case Study

You don’t expect to get locked out of your own spine. But that’s exactly what happened…
Splunk Survival Series – Part 2: Getting Analytical

Welcome back to the Splunk Survival Series. In Part 1, we mapped the battlefield — indexes,…
When Trust Backfires: Certificate Warnings, Known Brands, and the Quietest Exploit in the Game

📌 CVE Context (HTTP-based, not CVE-specific) This isn’t about a specific CVE. It’s a behavior-based vulnerability:…
Deleted ≠ Gone: The Forensic Reality of Cloud Evidence

Someone deletes cloud footage — that’s not the end of the evidence. In DFIR, deletion is…