Zeekurity Zen – Part IX: How To Update Zeek
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
Elastic Explained: How-To Guides For The Elastic Stack
Elastic develops the popular log analytics platform, the Elastic Stack, which supports a variety of search, observability, and security use cases through its many out-of-the-box integrations. It's a great platform for collecting, analyzing, and visualizing data from...
How To Deploy Elastic Agent on macOS with Microsoft Intune
This guide details how to deploy Elastic Agent on macOS using Intune. For Windows, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security...
How To Deploy Elastic Agent on Windows with Microsoft Intune
This guide details how to deploy Elastic Agent on Windows using Intune. For macOS, please use my companion guide. Using Elastic Agent with Elastic SIEM is a great way to secure and monitor your environment. Not only does it provide full endpoint security capabilities,...
Secure and Monitor Microsoft 365 with Elastic
Overview In this blog, we'll walk through the custom Microsoft 365 dashboards presented in my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021. So, you checked out my Securing Microsoft 365 with Elastic talk at ElasticON Global 2021 and got excited...
Zeekurity Zen – Part VIII: How to Send Zeek Logs to Elastic
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
Zeekurity Zen – Part VII: Zeek To Understand Encryption
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
Zeekurity Zen – Part VI: Zeek File Analysis Framework
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
Zeekurity Zen – Part V: Zeek Intelligence Framework
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
Attacking The BlueKeep
R-C-E, It’s Easy as R-D-P On May 14, 2019, Microsoft published a security advisory regarding a critical remote code execution (RCE) vulnerability (CVE-2019-0708) affecting Remote Desktop Services (RDP) on older versions of Windows including XP, Vista, 7 and Server...
Palo Alto Firewall: GlobalProtect VPN How-To Guide
This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. Overview So you've got your Palo Alto firewall successfully protecting your home network, blocking known malicious sites, and allowing...
Palo Posts: How-To Guides For Palo Alto Firewalls
Palo Alto manufactures industry-leading firewall hardware, combining a number of traditional security point solutions into one single platform. The following is a collection of how-to guides to help you get the most from your Palo Alto firewall on a home or small...
Zeekurity Zen – Part IV: Threat Hunting With Zeek
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Used Zeek Package Manager to install packages. Configured Zeek to send logs to Splunk...
The Fal.Con Has Landed
California Dreamin' In early November 2019, I found myself in sunny California for CrowdStrike’s third annual Fal.Con UNITE conference at the Sheraton San Diego Hotel & Marina. As a big fan of the CrowdStrike platform, I was excited that CrowdStrike invited me to...
Zeekurity Zen – Part II: Zeek Package Manager
This is part of the Zeekurity Zen Zeries on building a Zeek (formerly Bro) network sensor. Overview In our Zeek journey thus far, we've: Set up Zeek to monitor some network traffic. Now we'll introduce the Zeek Package Manager to extend Zeek's functionality with...