Eric Capuano
Recent Posts
Recon Provides Range Training for Military Cyber Protection Teams During COVID-19 Lockdown
Apr 29, 2020 12:22:00 PM / by Eric Capuano posted in DFIR, Training, NDR, Defense, Military, CPT, Intel
Recently, our team was asked to provide training for an operational military Cyber Protection Team (CPT). This unit, and many others, are working remotely due to the current global situation but still need a way to provide cutting-edge training to keep their operators sharp and mission-ready. This was a particularly important engagement to the team at Recon as we are a team composed heavily of veterans and current members of Reserve/National Guard components.
OpenSOC: Camp COVID
Mar 30, 2020 1:15:00 PM / by Eric Capuano posted in OpenSOC, Events
Hello OpenSOC fam! First and most importantly, we hope that you and yours are healthy and happy in these unprecedented times.
Network Defense Range (NDR) Returning to BlackHat 2020
Jan 26, 2020 2:26:00 PM / by Eric Capuano posted in Incident Response, InfoSec, Training, Threat Hunting, NDR, Defense, BlackHat
We're thrilled to be accepted back to BlackHat to run our live-fire Network Defense Range (NDR) course again this year! We received overwhelmingly positive feedback from last year's attendees and we have even bigger plans this year.
OpenSOC @ DC27 - Black Badge Edition!
Aug 31, 2019 2:53:00 PM / by Eric Capuano posted in OpenSOC, DEFCON, Events, BlackBadge, BlueTeamVillage
We never wrote up a blog post for DC27, but this excerpt from the closing ceremonies covers most of what we would've written.
Analysis of Exploitation: CVE-2019-3396
May 20, 2019 3:22:00 PM / by Eric Capuano posted in DFIR, Incident Response, Forensics, Security, Malware, Exploit, Intel Sharing, Vulnerability
The Recon incident response team recently worked an intrusion case involving a Confluence web application server that was affected by CVE-2019-3396.
Locking down ZeroTier peer-to-peer networks
Feb 9, 2019 3:38:00 PM / by Eric Capuano posted in ZeroTier, Defense, DevOps, VPN, Cryptography
In a previous post, we shared our affinity for ZeroTier:
Join us for Network Defense Range Training at Black Hat 2019!
Feb 4, 2019 3:48:00 PM / by Eric Capuano posted in DFIR, Incident Response, Forensics, Training, NDR
We're very excited to announce that we'll be bringing our NDR training to Black Hat this year! Come join us for the Network Defense Range Crucible - Live Adversary Detection and Incident Response during Black Hat 2019 Trainings!
Blue Team Village @ DEF CON 26
Aug 23, 2018 4:00:00 PM / by Eric Capuano posted in OpenSOC, DEFCON, Events, BlueTeamVillage
Huge thanks to @BlueTeamVillage and all of the awesome projects that make up OpenSOC Blue CTF!
Build a Free Private Mesh Network for Secure DevOps
Dec 8, 2017 4:31:00 PM / by Eric Capuano posted in ZeroTier, Defense, DevOps, VPN, Cryptography, Networking
Over time and for various reasons, I've amassed quite the catalog of cloud-hosted servers. This has caused much anxiety in the form of rapidly expanding attack surface which I've met painstakingly with manually managed firewall rules and nginx ACLs... Not anymore!
Auditing G Suite Login Activity
Sep 3, 2017 4:36:00 PM / by Eric Capuano posted in Automation, DFIR, Forensics, Google
Oftentimes during incident response activities, the responder is overwhelmed with data. The need for tools to automate the analysis and enhancement of this data is crucial.