Securing Your Velociraptor Deployment

Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and endpoint management. It currently supports Windows, Linux, and Mac endpoints, and BONUS: it's open source! We use it extensively, and we have also embedded it into our NDR Training! If you are unfamiliar: Source:…

OpenSOC @ DEF CON 28 Safe Mode

Some of you may remember our last event, Camp COVID. That was the biggest event we had ever run. UNTIL LAST WEEK: DEF CON 28. The stats speak for themselves... and so does the participant map above :) Stats: 8M Graylog queries, 91K+ scoreboard submissions, 800+ participants, 500+ challenges, 350+ teams, 260GB+…

Camp COVID - A Recap

Let me first say, on behalf of the Recon team, we cannot thank the community enough for joining us last week. It was the first time we've ever run an event like this: 100% virtual, remote, and open to anyone and everyone. It was a huge success, and we got…

OpenSOC: Camp COVID

Hello OpenSOC fam! First and most importantly, we hope that you and yours are healthy and happy in these unprecedented times. As many of you noticed on Twitter or heard on Detections podcast, we're rallying together to host a first-ever, open to the public OpenSOC event that participants can access…