Remote Access Done Right
Do you have resources on prem? In the cloud? How about in multiple clouds? How do you access them...
Securing Your Velociraptor Deployment
Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and...
Integrating Thinkst Canaries with TheHive
We've been big fans of the Thinkst platform for a while now. We may have mentioned them a time or...
OpenSOC @ DEF CON 28 Safe Mode
Some of you may remember our last event, Camp COVID. That was the biggest event we had ever run....
Camp COVID - A Recap
Let me first say, on behalf of the Recon team, we cannot thank the community enough for joining us...
Integrating Graylog With TheHive
If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)
Graylog and Cylance Protect Integration
TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...
Brokering Other Cloud Resources Behind AWS Services
I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of...
The Infrastructure, II
After DEF CON last year, we posted this blog about our infrastructure, which was spread between a...
Automating Graylog Pipelines
Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...