Leveraging Terraform and AWS VPC Flow Logs with Meta Fields for Enhanced Monitoring
Terraform is an open-source Infrastructure as Code (IaC) tool that enables you to automate and manage your cloud infrastructure using a declarative configuration language. One of the many services that Terraform can manage is Amazon Web Services (AWS) Virtual Private Cloud (VPC) Flow Logs. VPC Flow Logs provide valuable insights into your network traffic, allowing …
SIEM Use Cases: Defining ‘Why’
Security Incident and Event Management platforms are one of the most important tools in a security team's arsenal. They are also one of the most expensive and time-consuming tools in that same toolbox. For a fledgling security team, a SIEM may seem like one of the first projects to undertake (if you have your …
SumoLogic and Terraform: Detection as Code
https://youtu.be/k7vRGh1NIJw A talk I gave at SumoLogic Illuminate 2021.
Corporate Blog: Mailgun’s Log4j Defense
I originally wrote this for Pathwire at: https://www.mailgun.com/blog/Mailgun-Log4j-Defense/ On December 10, 2021 the world was rocked by a huge vulnerability that left millions of IT and security professionals scrambling. The vulnerability, dubbed Log4Shell, left assets vulnerable to a (ridiculously) simple exploit that led to Remote Code Execution (RCE). This blog post isn’t a technical article about the vulnerability itself – there …
So, you want to get into CyberSecurity
This is just a collection of pieces of advice I have provided to friends/family/acquaintances over the years. It isn't an end-all list or guaranteed roadmap of how to get a career in cybersecurity, but it is hopefully a start for someone out there! Keep in mind as I write this, I have only ever …
The 10 Immutable Laws of Security Administration
Found the following 'Immutable laws of Security Administration' the other day. Apparently Microsoft first published this back in 2000. That is twenty years ago now. For reference, common technology in use back then: The first camera phone appeared, The Sims was launched, and USB drives were just then becoming commonplace. https://www.computerhistory.org/timeline/2000/ What is crazy to …