This will be the last blog in this series on OPSEC for Blue Teams. I will share some of my thoughts on sandboxes, secure communications and sharing of info & data when dealing with a targeted attack.
This second blog in the series on OPSEC for Blue Teams is about testing tools used to get context and/or OSINT on domains and IPs. While performing these tests it also showed results that can be interesting for Red Teams.
This is a three-part blog about OPSEC for Blue Teams. This first part expresses some of my ideas about the risk of alerting the adversary and OPSEC for getting OSINT and context on domains and IPs. The second part is about testing tools (I performed tests on PassiveTotal and VirusTotal) which provide context and/or OSINT in relation to OPSEC. The last part will be on sandboxes, secure communications and sharing of info & data when dealing with a targeted attack.