I have been working on implementing Security Onion in a production environment. The two major problems that have given me headaches so far is storage on the sensor nodes, and internal networking. Networking Problem Security Onion uses docker to create and manage different aspects of itself. Below is a good image of the different containers … Continue reading Initial Security Onion Problems
Threat Emulation – Tune Tune Tune
Today's compliance environment requires more and more monitoring to be put in place, which is awesome! More logs, more samples, more alerts! However, just implementing and monitoring a SIEM or other log/alerting solution is not really going to ensure you're seeing what you need to so. Instead you might want to consider a bit of … Continue reading Threat Emulation – Tune Tune Tune
Network Flight Simulator
I have been looking for training mechanisms lately for the team. Luckily, it looks like folks already have been trying to find the same, because this handy repository was already built Adversary Emulation APTSimulator - Windows Batch script that uses a set of tools and output files to make a system look as if it was … Continue reading Network Flight Simulator
Another Cloud Forensics Workshop
Pulling an image for forensic analysis is not the hardest thing in the world, and thinks to Kenneth Hartmann anyone can quickly learn how! I have long admired Ken since sitting his SANS SEC545 training. When he announced that he was working on a workshop/tutorial on how to perform forensics on EC2, I was pretty … Continue reading Another Cloud Forensics Workshop
SANS GCIH – Log 5
I PASSED! I literally threw my hands up in the air as the score appeared on the screen. Those practice exams are spot on. From the difficulty to the actual time it took, everything lined up similarly. Probably the best advantage/help I had was the proctor actually offered up a table for all the books … Continue reading SANS GCIH – Log 5
SANS GCIH – Log 4
I took my second practice test a few days ago, and it has taken me quite a bit to get over it. I got a 34%. Not a 90% like I was expecting, but a 34%. I took the practice exam after struggling to hang a light fixture in our house for almost two days … Continue reading SANS GCIH – Log 4
