In today’s threat landscape, more and more threats like fileless malware and ransomware leverage PowerShell during the exploitation stage. In this post I have written some of the best ways… Read more How to monitor and detect malicious PowerShell scripts? →
Ten years ago, when Gartner defined SIEM (Security Information and Event Management), it was trending in the cybersecurity landscape, and every organization was looking for one. More players started coming… Read more Breach and Attack Simulation – BAS Products Compared →
The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) have defined a strategy called Essential Eight to help organizations mitigate threats and adversaries. These eight strategies are baselines and… Read more How to protect your organization using Essential Eight mitigation strategy? →
Your SIEM (Security Information and Event Management)’s ROI depends on how effectively you tune it. Data sources like firewalls, AD servers, and file servers generate millions of logs every day. Without… Read more How to reduce noise in your SIEM? →
Every time I get a requirement to monitor critical events from a vendor, I have to go through multiple documents to understand and collate information about the vendor, the log… Read more Events of Interest to monitor in Cisco ASA Firewall/IPS →
Active Directory in Windows has some built-in features to set restrictions for passwords created in your environment. How cool would it be if we could compare the passwords used… Read more Active Directory Password Audit – Using Pwned Passwords →
Every time you sign up for a new service online, you have to create a password. As a security measure, every site will ask you to create a… Read more Password hygiene. How to create strong passwords and manage them? →
When you download software from trusted sources like Microsoft or Google, you don’t have to worry much about trustworthiness. But when you download software or any files from random sites, or programs sent by friends, how do you verify them? When we download a file or software from unknown sites, we can scan it with our antivirus (AV) software to check whether it is safe to use or malicious. What if the actual file is malicious and your AV is not aware of it? Yes, it is possible. It could… Read more Installing unknown software? Read this before you proceed. →