SIEM Use Cases: Defining ‘Why’

Security Incident and Event Management platforms are one of the most important tools in a security team's arsenal. They are also one of the most expensive and time-consuming tools in that same toolbox. For a fledgling security team, a SIEM may seem like one of the first projects to undertake (if you have your …

Corporate Blog: Mailgun’s Log4j Defense

I originally wrote this for Pathwire at: https://www.mailgun.com/blog/Mailgun-Log4j-Defense/ On December 10, 2021, the world was rocked by a huge vulnerability that left millions of IT and security professionals scrambling. The vulnerability, dubbed Log4Shell, left assets vulnerable to a (ridiculously) simple exploit that led to Remote Code Execution (RCE). This blog post isn’t a technical article about the vulnerability itself – there …

So, you want to get into CyberSecurity

This is just a collection of pieces of advice I have provided to friends/family/acquaintances over the years. It isn't an end-all list or guaranteed roadmap of how to get a career in cybersecurity, but it is hopefully a start for someone out there! Keep in mind as I write this, I have only ever …

The 10 Immutable Laws of Security Administration

Found the following 'Immutable laws of Security Administration' the other day. Apparently Microsoft first published this back in 2000. That is twenty years ago now. For reference, common technology in use back then: The first camera phone appeared, The Sims was launched, and USB drives were just then becoming commonplace. https://www.computerhistory.org/timeline/2000/ What is crazy to …

Corporate Blog: A Look at the Kaseya Incident

This is a blog post I wrote for LifeOmic: Ransomware is a scourge on businesses everywhere today, and the Kaseya ransomware incident was no different. Except, it was an exceptional attack that utilized advanced procedures not normally seen in large-scale, public ransomware incidents. TrueSec provides an excellent overview of the initial compromise: Obtained an …