I have always been a great fan of Splunk for analyzing log data when investigating incidents. One of the downfalls is that while Splunk does a wonderful job searching logs, the timeline it creates is missing critical time information about …..
I’ve watched our industry slowly mature itself over the last fifteen years, and I am still somewhat bemused regarding penetration testing. It seems like every standard now requires a penetration test to be done, why? I struggle to see the …..
In my previous post “The Root of All Compromise” input validation was touched on briefly, with links to further information on the subject. In this post I will provide further examples of why using input validation with white-listing is so …..
In warfare, as you modify your defenses, your enemy modifies their tactics. This same process of threat evolution is occurring at a rapid pace in the online world. Warfare is not a new endeavor and old tactics are reused in …..
As the resident, when things go wrong expert, I am constantly asked some of the same basic questions. One of the most common questions is in regards to exactly how a system can be compromised. This is a simplified explanation, …..
When building an incident management capability, the 3P’s, Planning, Preparation, and Practice, are the foundational components of effective incident management. With out all three Ps, costly mistakes will occur, making success difficult at best, and failure almost inevitable. 2014 has …..