You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
soc analytics
About this tag
The soc analytics tag on WindowsForum.com covers discussions about how enterprise Security Operations Centers (SOCs) use analytics to detect and respond to advanced threats, particularly cloud-hosted adversary-in-the-middle (AiTM) phishing attacks that bypass MFA. Topics include analyzing phishing infrastructure on platforms like Microsoft Azure, Google Firebase, AWS, and Cloudflare, as well as techniques for credential theft detection and investigation. The content focuses on SOC workflows, threat intelligence, and analytical methods for identifying MFA bypass and credential theft in enterprise environments.
Enterprise-targeted phishing has migrated from dodgy domains and cheap VPSes to the same cloud platforms that companies trust to run their businesses—Microsoft Azure, Google Firebase, AWS and Cloudflare—and that shift is changing how SOCs detect, investigate, and stop credential theft and MFA...