Hi all, this is a documentation about IT/OT security created by @joktotem.
Right now i am freelancer at totem-security.com.
Some threat hunting rules may not be ready for production, please test and optimize them.
Event data are inside code blocks like these:
Rules and code are inside code blocks like these:
Threat hunting rule types: