
Palo Alto Networks - PCNSE Certification Part 4: Basic Configuration (Interfaces)
Configure Palo Alto interfaces, zones, and management profiles — set up Layer 3 interfaces with static IPs and lock down which protocols answer in-band.
Posts

Build Palo Alto security policies and source NAT rules — use Tags to organize objects, apply rules across zones, and verify both in GUI and CLI.

VERIS framework breakdown for incident response: actors, actions, assets, and attributes (the 4As) used to classify security incidents in the VCDB dataset.

Correlate events in Splunk using transactions — group related events with maxspan, maxpause, startswith, endswith — and when to use stats instead.

Filter and format Splunk data with eval, search, and where commands — calculate field values, apply conditional logic, and clean up report output.

Splunk Fundamentals 2 topics — transforming commands, transactions, knowledge objects, field aliases, tags, macros, data models, and the CIM.

Splunk knowledge objects explained — field extractions, event types, lookups, workflow actions, tags, and data models for sharing reusable assets.

Splunk visualization types — line charts, bubble charts, cluster maps, choropleth maps, single-value panels — turning search results into dashboards.

Get started with Splunk basic search — using the search assistant, pipes, commands, and reading results in the SPL editor to query indexed data fast.

Splunk core components — Indexer, Search Head, and Forwarders — and how each role processes machine data, runs searches, and delivers results.