Recon InfoSec | DevOps

Remote Access Done Right

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Do you have resources on prem? In the cloud? How about in multiple clouds? How do you access them...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Brian Greunke

Much has already been said about the recently reported SolarWinds compromise. In this post, we are...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Our team are huge fans of Velociraptor. It's an incredibly powerful tool, for both DFIR and...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

If you couldn't tell by now, we love Graylog. We may have mentioned them a time or two :)

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

TL;DR - we needed to ingest multiple sources of Cylance logs into Graylog, and this is how we did...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

I tweeted this the other day, and had a lot of folks reach out asking for more details/a diagram of...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

Part of our job at Recon relies on fine tuning our threat signatures that make up the bulk of our...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

In a previous post, we shared our affinity for ZeroTier:

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Whitney Champion

When I joined the OpenSOC team at the beginning of this year, everything resided on 3 Intel Skull...

${{ picture_of_text }} {{ content.blog_author.display_name }}$

Eric Capuano

Over time and for various reasons, I've amassed quite the catalog of cloud-hosted servers. This has...