- The Art and Science of Threat Detection: SIEM and Detection Engineering Essentials
I’ve decided to tie this post and one other on Building an Effective Security Operations Program together instead of posting them weeks apart. I wanted to focus on the high-level aspect of building out a proper security operations program focused on Detection and Response, but I also felt like we needed to really dig into…
- Building an Effective Security Operations Program: Focusing on Detection and Response
Hey everyone! We’re going to be focusing on building out the core competency of your SOC! This post is going to be pretty high level, not too in the weeds, as I want to cover the hot items that go into the average SOC these days. There is a more technical blog alongside this…
- From Detection to Prevention: Crafting a Proactive Threat Detection Strategy
Recently, I’ve been thinking more and more about our Threat Detection processes and what we’ve been doing to increase our detection capabilities. Because of that, I thought I would try and articulate at a high level a relatively normal Threat Detection Strategy that focuses on Detection & Prevention. I’ll be doing a series of posts…
- The Brutus Botnet
Chris Grube and I have been tracking some bizarre brute force activity at work since Wednesday, but we believe this botnet started attacking as early as March 15th. While brute force attacks are nothing new, this one has some uniqueness to it. One of which is the size of the botnet; it appears that after every…
- Getting burned in the Cloud
It has finally happened to me… I’ve finally made a “mistake” in Azure that cost me money… In my defense, the default setting changed, and I didn’t notice it. The goal was to set up some backups in Azure with their cold storage. Pretty simple, right? It’s super straightforward and I was up and running in…
- Annoying Azure Bug
Boy oh boy, did Azure piss me off this time. I’ll start by saying I tend to enjoy working in Azure over the other major cloud providers out there. But it’s fair to say, Azure has PLENTY of quirks. A while back, I was working with a client on a consulting gig I’m doing on…