Integrating Graylog With TheHive

Jan 31, 2020 2:11:00 PM / by Whitney Champion posted in Automation, DFIR, Incident Response, SecOps, Security, Defense, Python, Graylog, DevOps, TheHive, Cortex, API

If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)


Network Defense Range (NDR) Returning to BlackHat 2020

Jan 26, 2020 2:26:00 PM / by Eric Capuano posted in Incident Response, InfoSec, Training, Threat Hunting, NDR, Defense, BlackHat

We're thrilled to be accepted back to BlackHat to run our live-fire Network Defense Range (NDR) course again this year! We received overwhelmingly positive feedback from last year's attendees and we have even bigger plans this year.


Locking down ZeroTier peer-to-peer networks

Feb 9, 2019 3:38:00 PM / by Eric Capuano posted in ZeroTier, Defense, DevOps, VPN, Cryptography

In a previous post, we shared our affinity for ZeroTier:


Build a Free Private Mesh Network for Secure DevOps

Dec 8, 2017 4:31:00 PM / by Eric Capuano posted in ZeroTier, Defense, DevOps, VPN, Cryptography, Networking

Over time and for various reasons, I've amassed quite the catalog of cloud-hosted servers. This has caused much anxiety in the form of rapidly expanding attack surface which I've met painstakingly with manually managed firewall rules and nginx ACLs... Not anymore!


Slacking at Security Operations

Oct 24, 2016 4:58:00 PM / by Eric Capuano posted in Automation, Operations, Defense, Intel Sharing, Slack

Running a Security Operations Center requires fighting a constant battle to increase analyst efficiency, speed and accuracy. Fast and effective communication coupled with automation is the only answer. So why not have both in the same platform?


Macro Security for Enterprise Defenders

Oct 20, 2016 5:01:00 PM / by Eric Capuano posted in Defense, Malware, Macro

In my experience, one of the most prevalent and common threats to today’s enterprise networks comes in the form of malicious email attachments (shocker!). Attackers leverage document types that are most likely accessible to software installed on the victim endpoint, making Microsoft Office a prime target. Yes, in 2016, malicious macros are still a major problem.
