100 Days Of BlueTeam


Spanish version here

2020 came with many surprises for everyone: COVID, social distancing, remote work, and PlainText deciding to take a break from the RedTeam learning journey to learn a few things about BlueTeam.

And so it was. While I was looking at Twitter, I came across a tweet from my friend Víctor García Takito talking about the #100DaysOfCode challenge. I found it super interesting, since I am a person who likes challenges, and I thought it appropriate to use this methodology to learn about BlueTeam. It was then that I decided to apply the #100DaysOfCode rules to my own #100DaysOfBlueTeam challenge.

The challenge basically consisted of dedicating at least 1 hour a day to learning something related to BlueTeam; here you can see the rules for the original challenge. My initial idea was to learn about threat detection, mainly for Windows environments, learn about YARA/Sigma rules, and see what other things came along the way.

On October 10, 2020, I started the challenge by posting my first tweet, and so began this learning journey that I do not regret.

On my GitHub I shared different use cases of the things I learned during the challenge, so that you can use them as a reference. I realized that I dedicated much more time to understanding how to collect information, which tools I can use for different needs, and automating all the processes than to analyzing the information itself.

As part of these tasks, I learned to automate my labs, got to know different tools for collecting information, and tried many open-source tools, which in my opinion are great and really useful for learning to identify threats.

I know that this knowledge will allow me to broaden my perspective on cybersecurity issues in general, knowledge that I hope to be able to apply and share in the future.

If you want to follow what I did you can check out my GitHub #100DaysOfBlueTeam.

God bless you!

Serving Christ is not a task, but a relationship. Friends of God Jn 15: 15