Latest Blogs

Application Security in 2022 Misses the Big Picture

I recently ran an unofficial poll on LinkedIn asking how people found every instance of Log4J in their application portfolio. The options I gave were CMDB (Configuration Management Database), SBOM (Software Bill of Materials), SCA (Software Composition Analysis), and internal detective work. The overwhelming majority, 54% to be exact, said internal detective work. These results got me thinking as organizations spend millions of dollars a year on CMDB, SBOM, and SCA technologies.

DevSecOps tool examples that will alleviate your workload

Nowhere is this more apparent than in DevSecOps where developers and releases outnumber security experts by thousands to one. It’s simply not feasible for the security teams to manually tackle flagged issues with any kind of accuracy—and have any time left in the day to - you know - eat and sleep!

You Didn't Ask? Well, the SOC Evolution Answered Anyway

Let me begin by stating the obvious: The cyberattack surface is growing exponentially and diversely. Essentially, it’s a bigger shark and we’ve got the same small boat. The environments, platforms, services, regions and time zones that constitute modern enterprise operations and drive digital transformation for business continue to require increasing specialization and expertise beyond current in-house capabilities.

Bringing home the beacon (from Cobalt Strike)

Elastic Security engineers have documented a less tedious way to find network beaconing from Cobalt Strike. In their full analysis (), Elastic Security team researchers Andrew Pease, Derek Ditch, and Daniel Stepanic walk users through the Elastic fleet policy, how to collect the beacon, beacon configuration, how to analyze its activity, and how you can set it up in your organization’s environment.

How to Use SSH Agent Safely

The SSH agent (ssh-agent) is an SSH key manager that stores the SSH key in a process memory so that users can log into SSH servers without having to type the key’s passphrase every time they authenticate with the server. In addition to the key management feature, SSH agent supports agent forwarding, which helps to authenticate with servers that sit behind a bastion or jump server.

Mind the MPLog: Leveraging Microsoft Protection Logging for Forensic Investigations

In an incident response investigation, CrowdStrike analysts use multiple data points to parse the facts of who, what, when and how. As part of that fact-finding mission, analysts investigating Windows systems leverage the Microsoft Protection Log (MPLog), a forensic artifact on Windows operating systems that offers a wealth of data to support forensic investigations. MPLog has proven to be beneficial in identifying process execution and file access on systems.

Threat intelligence outlook 2022: what we can learn from the past year

In this blog post, we discuss the key security issues of the last year and explore what this could mean for 2022. With the continuous exploitation of vulnerabilities which took place in 2021 likely to continue in 2022 and beyond, organisations can benefit from conducting tabletop exercises using some of the scenarios presented below.

NFTs - Protecting the investment

This blog was written by an independent guest blogger. Non-fungible tokens (NFTs) are the new player in the financial investment market. They’ve seen tremendous interest from a wide range of parties, whether that be institutional investors or retail hobbyists looking to find an angle. As with anything involving money, malicious actors are already starting to take hold; Insider magazine recently highlighted the 265 Ethereum (roughly $1.1 million) theft due to a fraudulent NFT scheme.

Key Criteria for Choosing Mobile App Security Solution Vendor

Mobile phone apps are more popular than ever with a rapidly expanding user base each year. They have literally made everything come to the fingertips of the users and there’s a significant demand for mobile apps for just about everything, generating great competition and pressure among app developers around the world.