Network Defense Range (NDR) Returning to BlackHat 2020
We're thrilled to be accepted back to BlackHat to run our live-fire Network Defense Range (NDR)...
Graylog and Cylance Protect Integration
TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...
Brokering Other Cloud Resources Behind AWS Services
I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of...
The Infrastructure, II
After DEF CON last year, we posted this blog about our infrastructure, which was spread between a...
OpenSOC @ DC27 - Black Badge Edition!
We never wrote up a blog post for DC27, but this excerpt from the closing ceremonies covers most of...
Automating Graylog Pipelines
Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...
Analysis of Exploitation: CVE-2019-3396
The Recon incident response team recently worked an intrusion case involving a Confluence web...
Locking down ZeroTier peer-to-peer networks
In a previous post, we shared our affinity for ZeroTier:
Join us for Network Defense Range Training at Black Hat 2019!
We're very excited to announce that we'll be bringing our NDR training to Black Hat this year! Come...
A Tribute to devnull
Hello, dear friends. The past few days have been extremely hard on the OpenSOC Team. We hope this...