Our Blog

Check out our collection of how-to guides, resources, and experiences.

Zeekurity Zen – Part IX: How To Update Zeek

Zeekurity Zen – Part IX: How To Update Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Elastic Explained: How-To Guides For The Elastic Stack

Elastic Explained: How-To Guides For The Elastic Stack

Elastic develops the popular log analytics platform, the Elastic Stack, which supports a variety of search, observability, and security use cases through its many out of the box integrations.  It's a great platform for collecting, analyzing, and visualizing data from...

How To Deploy Elastic Agent on macOS with Microsoft Intune

How To Deploy Elastic Agent on macOS with Microsoft Intune

This guide details how to deploy Elastic Agent on macOS using Intune.  For Windows, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment.  Not only does it provide full endpoint security...

How To Deploy Elastic Agent on Windows with Microsoft Intune

How To Deploy Elastic Agent on Windows with Microsoft Intune

This guide details how to deploy Elastic Agent on macOS using Intune.  For macOS, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment.  Not only does it provide full endpoint security capabilities,...

Secure and Monitor Microsoft 365 with Elastic

Secure and Monitor Microsoft 365 with Elastic

Overview In this blog, we’ll walkthrough the custom Microsoft 365 dashboards presented in my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021. So, you checked out my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021 and got excited...

Zeekurity Zen – Part VIII: How to Send Zeek Logs to Elastic

Zeekurity Zen – Part VIII: How to Send Zeek Logs to Elastic

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Zeekurity Zen – Part VII: Zeek To Understand Encryption

Zeekurity Zen – Part VII: Zeek To Understand Encryption

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Zeekurity Zen – Part VI: Zeek File Analysis Framework

Zeekurity Zen – Part VI: Zeek File Analysis Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Zeekurity Zen – Part V: Zeek Intelligence Framework

Zeekurity Zen – Part V: Zeek Intelligence Framework

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

Attacking The BlueKeep

Attacking The BlueKeep

R-C-E, It’s Easy as R-D-P On May 14, 2019, Microsoft published a security advisory regarding a critical remote code execution (RCE) vulnerability (CVE-2019-0708) affecting Remote Desktop Services (RDP) on older versions of Windows including XP, Vista, 7 and Server...

Palo Alto Firewall: GlobalProtect VPN How-To Guide

Palo Alto Firewall: GlobalProtect VPN How-To Guide

This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. Overview So you've got your Palo Alto firewall successfully protecting your home network, blocking known malicious sites, and allowing...

Palo Posts: How-To Guides For Palo Alto Firewalls

Palo Posts: How-To Guides For Palo Alto Firewalls

Palo Alto manufactures industry-leading firewall hardware, combining a number of traditional security point solutions into one single platform. The following is a collection of how-to guides to help you get the most from your Palo Alto firewall on a home or small...

Zeekurity Zen – Part IV: Threat Hunting With Zeek

Zeekurity Zen – Part IV: Threat Hunting With Zeek

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...

The Fal.Con Has Landed

The Fal.Con Has Landed

California Dreamin' In early November 2019, I found myself in sunny California for CrowdStrike’s third annual Fal.Con UNITE conference at the Sheraton San Diego Hotel & Marina.  As a big fan of the CrowdStrike platform, I was excited that CrowdStrike invited me to...

Zeekurity Zen – Part II: Zeek Package Manager

Zeekurity Zen – Part II: Zeek Package Manager

This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Now we'll introduce the Zeek Package Manager to extend Zeek's functionality with...

Transform Your Business & Securely Operate at Peak Efficiency