Your SOC, but finally without the headache. In the previous article, I talked about how AI is changing SOC operations forever — especially tools like Dropzone AI that automate full investigations. If you ask me which tools I enjoy working with the most, I will always say CrowdStrike , SentinelOne , and Forensic tools . But recently, one tool has impressed me so much that I genuinely feel like every SOC team should see it at least once. And that tool is Dropzone AI . This Ar

Let’s be honest for a second. I’ve been in forensics and incident response long enough to see the cybersecurity world change fast — but nothing is shaking things up more than AI inside SOCs . And no matter how many people say “ AI won’t take jobs, it will only assist us, ” the reality I’m seeing in the field is completely different. I’m on calls with security teams, MSSPs, product vendors… and the pattern is the same everywhere: 🔥 Tasks that used to require 20–30 analysts a

Hey everyone! Welcome back to another post in my SentinelOne series — if you haven’t checked out the earlier ones, I recommend scrolling back and giving them a read. https://www.cyberengage.org/courses-1/mastering-sentinelone%3A-a-comprehensive-guide-to-deep-visibility%2C-threat-hunting%2C-and-advanced-querying%22 Today, I’m here to share something different — a real-world workaround that helped me fix an interesting SSO problem with SentinelOne. --------------------------

Before diving in, I’d like to highlight a comprehensive series I’ve created on Data Carving—feel free to check it out via the link below. https://www.cyberengage.org/courses-1/data-carving%3A-advanced-techniques-in-digital-forensics --------------------------------------------------------------------------------------------------------- If you’ve been in digital forensics long enough, you’ve probably heard about Bulk Extractor — the legendary tool that can scan through mass

Everyone who does digital forensics has seen wipers. Funny part is attackers and careless admins both sometimes want files gone . Tools that overwrite/delete files — “wipers” — are common and can hide evidence. SDelete (a Sysinternals tool signed by Microsoft) is famous because it can slip past some whitelisting and looks “legit” on a system. But SDelete is only the tip of the iceberg — there are other tools and each leaves its own marks. Knowing those marks helps you figur