Incident-Response on ku5e | Cybersecurity Portfolio

Incident-Response on ku5e | Cybersecurity Portfoliohttps://ku5e.com/tags/incident-response/Recent content in Incident-Response on ku5e | Cybersecurity PortfolioHugo -- 0.162.1en-usFri, 20 Mar 2026 16:29:00 +0000TryHackMe Rooms Are Not as Easy as They Feelhttps://ku5e.com/blog/tryhackme-rooms-are-not-as-easy-as-they-feel/Fri, 20 Mar 2026 16:29:00 +0000https://ku5e.com/blog/tryhackme-rooms-are-not-as-easy-as-they-feel/TryHackMe rooms feel easier than real incident response for a specific reason. Understanding that reason is what turns room practice into genuine readiness.The First 90 Days in a Security Role Are Not on Any Cert Examhttps://ku5e.com/blog/the-first-90-days-in-a-security-role-are-not-on-any-cert-exam/Fri, 20 Mar 2026 16:25:00 +0000https://ku5e.com/blog/the-first-90-days-in-a-security-role-are-not-on-any-cert-exam/Earning the cert gets you hired. What happens in the first 90 days is determined by two habits that no certification exam measures — and most candidates do not know which one they default to until it costs them.TryHackMe: Threat Intel & Containmenthttps://ku5e.com/blog/tryhackme-threat-intel-containment/Sun, 15 Mar 2026 20:59:00 +0000https://ku5e.com/blog/tryhackme-threat-intel-containment/Walkthrough for the TryHackMe Threat Intel & Containment room covering threat intelligence creation, containment strategies, and basic Wireshark packet analysis.TryHackMe: Tardigradehttps://ku5e.com/blog/tryhackme-tardigrade/Sun, 15 Mar 2026 20:53:00 +0000https://ku5e.com/blog/tryhackme-tardigrade/TryHackMe Tardigrade walkthrough. Five persistence mechanisms on a compromised Linux server, from bashrc alias hijacking to abused system accounts.TryHackMe: Preparationhttps://ku5e.com/blog/tryhackme-preparation/Sun, 15 Mar 2026 20:31:00 +0000https://ku5e.com/blog/tryhackme-preparation/TryHackMe walkthrough for the Preparation phase of incident response — building a CSIRT, defining roles, establishing log management pipelines, and configuring Windows Event Log collection before an incident occurs.TryHackMe: Identification & Scopinghttps://ku5e.com/blog/tryhackme-identification-scoping/Sun, 15 Mar 2026 20:29:00 +0000https://ku5e.com/blog/tryhackme-identification-scoping/TryHackMe walkthrough for Identification and Scoping — determining what systems were affected, mapping phishing indicators, and building the initial picture of a live incident before containment begins.TryHackMe: Eradication and Remediationhttps://ku5e.com/blog/tryhackme-eradication-and-remediation/Sun, 15 Mar 2026 20:22:00 +0000https://ku5e.com/blog/tryhackme-eradication-and-remediation/TryHackMe walkthrough covering eradication and remediation in incident response — removing attacker persistence, patching exploited systems, and restoring operations using MITRE ATT&CK and Jenkins-based tooling.