Recon InfoSec (6)

Automating Detection Coverage Analysis with ATT&CK Navigator

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Brian Greunke

Staying on-top of the latest adversarial methodologies means quickly adjusting to new TTPs and...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

We're thrilled to be accepted back to BlackHat to run our live-fire Network Defense Range (NDR)...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

After DEF CON last year, we posted this blog about our infrastructure, which was spread between a...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

We never wrote up a blog post for DC27, but this excerpt from the closing ceremonies covers most of...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

The Recon incident response team recently worked an intrusion case involving a Confluence web...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In a previous post, we shared our affinity for ZeroTier: