by Eric Ooi | Mar 10, 2020 | how-to, incident response, information security, vulnerability management
R-C-E, It’s Easy as R-D-P On May 14, 2019, Microsoft published a security advisory regarding a critical remote code execution (RCE) vulnerability (CVE-2019-0708) affecting Remote Desktop Services (RDP) on older versions of Windows including XP, Vista, 7 and Server... 
by Eric Ooi | Jan 15, 2015 | cool tools, information security, scripting, vulnerability management
Last year, I wrote a couple articles on how to integrate Tripwire IP360 data into Splunk. These turned out to be very popular, with a number of folks reaching out to me for a copy of my IP360 Tools script that made all the magic happen. I hesitated to give the... 
by Eric Ooi | Apr 21, 2014 | information security, scripting, vulnerability management
Introduction Inspired by my IP360 and Splunk integration project (here and here), I wanted to do the same for Tenable Nessus. In a previous role I implemented Nessus + SecurityCenter and for the most part had a positive experience. The interface was modern and I... 
by Eric Ooi | Feb 7, 2014 | information security, scripting, vulnerability management
Introduction In Part 1, I discussed how I thought integrating Tripwire IP360 vulnerability data into Splunk would be a great way to both learn Splunk and create useful and interesting vulnerability reports. I gave an overview of IP360’s vulnerability scoring... by Eric Ooi | Feb 6, 2014 | information security, scripting, vulnerability management
Introduction Over the last several months I’ve been working towards becoming a Splunk Certified Architect. To prepare, I wanted additional hands-on practice and tried to think of ways I could apply all the techniques I had learned in my classes. I happened to...