The Federally funded organization MITRE has been a godsend to Cybersecurity and Threat Hunting taxonomy. I for one am a huge fan of what they’ve achieved for the community — efficient Attack Techniques, Tactics & Common Knowledge. Oh look at that, effective ATT&CK! With their Database of threats you can…

./trends Of course some of the topics mentioned below will encompass ongoing matters that have been predicted in the past, but it will also include information seen by third-party analysts such as Gartner and other sources (all will be mentioned for your further inspection and study). For this I’m looking at…

This is part 1 of the Certification studies. The exam is AWS Certified Solutions Architect — Associate exam (SAA-C02) and it is comprised of 4 domains: Design Resilient Architectures Design High-Performing Architectures Design Secure Applications and Architectures Design Cost-Optimized Architectures It does rely on a lot of theoretical and hands-on…

It’s no secret that Cloud Service Provider such as AWS, Azure and Google Cloud Platform are central to modern companies’ IT Infrastructure. We’ve seen how Cloud Service Providers are powering Digital transformation with their ability to deliver fast, prompt and affordable services. Cloud Native is a term that can define…

By now we should all be aware of MITRE and their many different Frameworks for Threat-Informed Defense. I’ve explored some of them in a few occasions already where I discussed Leveraging MITRE ATT&CK for Threat-Informed Defense. And how some of their other tools can help Defense teams with part of…

This is a continuation of the discussion around Honeypot. This is a pet (perhaps vegetal, since it’s honey related?) project of mine, playing around with a honeypot to feed information into tools I work with. For this I’ve chosen Telekom’s T-POT, a great ready-to-use and easy to setup honeypot based…

Log Management is a foundation field of IT admin. It’s needed for administration, troubleshooting and auditing — think of any industry standard or legislation/regulation and Logging will be a mandatory activity. In fact, it’s so important that it has its own, dedicated NIST publication, SP800–92 — which is a bit…

I have covered Cloud security tools such as CSPM more than a few times by now. Microsoft Defender for Cloud (MDC) is capable of alerting and flagging multiple suspicious activities in a myriad of Azure-native workloads, but also in Multi-cloud and Hybrid workloads. As an important feature, MDC, includes the…