How to detect if someone is attempting to crack your Wi-fi
Wi-Fi is a fundamental access medium to the internet (read: “World”) nowadays. I don’t think most people think too much about its security or the importance it has when they’re accessing their personal banking information or even work data, with today’s prevalent remote-work policies. This technology however is…
Infosec · 5 min read
Leveraging MITRE tools for effective Threat Informed Architecture
The federally funded organization MITRE has been a godsend to Cybersecurity and Threat Hunting taxonomy. I for one am a huge fan of what they’ve achieved for the community — efficient Attack Techniques, Tactics & Common Knowledge. Oh look at that, effective ATT&CK! With their database of threats you can…
Cybersecurity · 7 min read
Cyber security Trends for 2022
/trends
Of course some of the topics mentioned below will encompass ongoing matters that have been predicted in the past, but it will also include information seen by third-party analysts such as Gartner and other sources (all will be mentioned for your further inspection and study). For this I’m looking at…
Cybersecurity · 3 min read
Published in AWS in Plain English
AWS Solutions Architect Certification — Cloud Fundamentals for AWS
This is part 1 of the Certification studies. The exam is the AWS Certified Solutions Architect — Associate exam (SAA-C02) and it is comprised of 4 domains: Design Resilient Architectures; Design High-Performing Architectures; Design Secure Applications and Architectures; Design Cost-Optimized Architectures. It does rely on a lot of theoretical and hands-on…
AWS · 5 min read
Cloud Security Posture Management and avoiding the top cloud misconfiguration issues
It’s no secret that Cloud Service Providers such as AWS, Azure and Google Cloud Platform are central to modern companies’ IT infrastructure. We’ve seen how Cloud Service Providers are powering digital transformation with their ability to deliver fast, prompt and affordable services. Cloud Native is a term that can define…
Cloud · 3 min read
4 hours ago
How to use MITRE’s Top ATT&CK Techniques tool — MITRE tools for Threat Informed Defense
By now we should all be aware of MITRE and their many different frameworks for Threat-Informed Defense. I’ve explored some of them on a few occasions already, where I discussed Leveraging MITRE ATT&CK for Threat-Informed Defense, and how some of their other tools can help defense teams with part of…
Cybersecurity · 5 min read
Aug 1
A “T-POT” honeypot experiment #1
This is a continuation of the discussion around honeypots. This is a pet (perhaps vegetal, since it’s honey related?) project of mine, playing around with a honeypot to feed information into tools I work with. For this I’ve chosen Telekom’s T-POT, a great ready-to-use and easy-to-set-up honeypot based…
Security · 2 min read
Published in Microsoft Azure · Jul 25
Log Management Fundamentals for Cybersecurity Engineers
Log management is a foundational field of IT administration. It’s needed for administration, troubleshooting and auditing — think of any industry standard or legislation/regulation and logging will be a mandatory activity. In fact, it’s so important that it has its own dedicated NIST publication, SP 800-92 — which is a bit…
Cybersecurity · 6 min read
Jul 21
[Some Interesting] Cloud ‘n Sec news
What’s worth your reading time
A quick note on this project: the previous was my last entry on my weekly newsletter. I will be moving to creating a summary of relevant Threat Intel information, but less from an operational perspective and more from Tactical and Strategic angles. This means I…
News · 1 min read
Published in Microsoft Azure · Jul 21
Alert management in your Microsoft Defender for Cloud
I have covered cloud security tools such as CSPM more than a few times by now. Microsoft Defender for Cloud (MDC) is capable of alerting on and flagging multiple suspicious activities in a myriad of Azure-native workloads, but also in multi-cloud and hybrid workloads. As an important feature, MDC includes the…
Cloud · 4 min read