
Posts in 2022

  • Explaining DNS Security

    07.08.2022 in Security

    Explaining DNS Security This blog focuses on simply explaining some necessary concepts. The next blog dives into the considerations and problems when implementing these technologies: The Tragedy of DNS Security These terms often get confused and …


  • DerbyCon Puzzle

    19.07.2022 in Writeups

    DerbyCon Puzzle As everyone reminisces about the good times at Derbycon, I am reminded that I am one of many that never made it out to what sounds like an awesome conference. Though back in January of 2019, they announced they’ll no longer by …


  • Zero Trust - Devices

    30.06.2022 in Misc

    Zero Trust Strategy: Part 3 - Devices Parts 1 and 2 can be found here: Zero Trust Strategy: What is Zero Trust Architecture? Zero Trust Strategy: Part 2 - Identity Continuing on in Part 3, we’ll be taking a deeper look at the second of …


  • Zero Trust - Identity

    02.05.2022 in Misc

    Zero Trust Strategy: Part 2 - Identity Part 1 of the Zero Trust Strategy Blog Series can be found here: Zero Trust Strategy: What is Zero Trust Architecture?. This blog series will work to break down the important details from the Federal zero trust …


  • Zero Trust - What is ZTA

    05.04.2022 in Misc

    Zero Trust Strategy: What is Zero Trust Architecture? Zero Trust has become a constantly used “buzzword” and depending on who you ask, their definition of zero trust can be completely different. The main reason I think we are hearing this …


Posts in 2021

  • TAP vs. SPAN

    31.12.2021 in Engineering

    TAP vs. SPAN Which is better, a TAP or a SPAN port? It depends! Unfortunately, there’s no easy TL:DR for this one. In a perfect world, we’d have both implemented each covering different use-cases. You are capturing network traffic, or …


  • Zeek - File Extraction

    21.12.2021 in Scripting

    File Extraction with Filtering Heads up! There’s nothing mind blowing here, just a simple Zeek script with a use case for incident response. If you are curious to know more, then please read on! If you are just here for the script – feel …


  • Linux - Sort Sandwich

    04.09.2021 in Scripting

    Analyzing Logs with the Linux Sort Sandwich In a perfect world, we’d always have access to a nice pretty graphical interface where all our data is co-located and happy. Unfortunately, that’s not always the case. Here I’ll walk …


Posts in 2020

  • PS - Counting CSV Items

    29.08.2020 in Scripting

    Problem? I needed to get a unique count of items in a CSV file. Specifically, this was part of converting a CSV to JSON. PowerShell actually makes this pretty simple, but there are a few considerations in the code. TL/DR - The Function I’ll go …


  • Index on Ingest

    23.08.2020 in Engineering

    Index Time To set the frame for this, let’s use two common databases used in Security: Elasticsearch and Splunk. Within any database, the data you ingest will need to be indexed so you can search across that data. Depending on your end goal, …
