The content discusses various security challenges associated with Large Language Models (LLMs) and emphasizes the OWASP Top 10 framework for identifying vulnerabilities. It offers open-source detection tools and practical implementation tips to enhance LLM security, including regular audits, incident response planning, and ongoing team training, highlighting the importance of adaptability in security measures.
Amazon Web Services (AWS) offers a wide range of API calls that allow users to control and manage their resources. However, some of these API calls are considered to be high privilege or disruptive, meaning that they can have a significant impact on your AWS account if used incorrectly. In this blog post, I will... Continue Reading →
In today's threat landscape more and more threats like fileless malware and ransomware leverage PowerShell during the exploitation stage. In this post I have written some of the best ways to monitor and detect malicious PowerShell scripts. Let's begin with some of the best practices for using PowerShell in your environment Limit PowerShell to only... Continue Reading →
10 years ago, when Gartner defined SIEM (Security Information and Event Management) it was trending in the cybersecurity landscape, and every organization was looking for one. More players started coming in with different set of architecture and deployment based on organizations size and requirements. Even now there are new companies coming up with a new... Continue Reading →
Australia Signal Directorate (ASD) and Australia Cyber Security Centre (ACSC) has defined a strategy called Essential Eight to help organizations mitigate threats and adversaries. These eight strategies are baselines and can be used as a starting point for organizations and then strengthen up the defense. In this post, I have explained the eight strategies and... Continue Reading →
Your SIEM (Security Information and Event Management)'s ROI depends on how effectively you tune it. Data sources like Firewall, AD server, File server, generates millions of logs every day. Without proper audit policy and SIEM filters, 80% of logs are noise. If you do not tune it, you will not get real value from your... Continue Reading →
When I receive a request to monitor critical events from a vendor, it becomes a cumbersome task to gather information about the vendor, log schema, and event types. This information is not readily available through a simple online search. To simplify the process, I am providing a consolidated list of Cisco ASA events that are... Continue Reading →
Active directory in Windows have some built in features to set restriction for passwords created in your environment. How cool would it be if we can compare the passwords used in your AD environment with the passwords disclosed in breach database? By doing this you can ensure that none of your users are using weak... Continue Reading →
CyberSec Talk 