tag: purple-team

all the articles with the tag "purple-team".

• opsec red/blue: kerberoasting - attack and detection

  21 feb, 2026

  ·purplehawk · 10 min read ·

  kerberoasting is old news. making it harder to detect isn't. here's what red can do to reduce the noise, and what blue can do beyond basic event ID filtering.