Blog

The Myth of Blue Team Responsibility

As I’ve spoken with my peers in the #infosec community I’ve heard several individuals say something along the lines of “the red team only needs to find one way in, but we have to stop everything!”  I understand the feeling.  It feels like as soon as they “get in” we (blue team) have failed.  That is not the case.  Think about it this way: if the intruder has not achieved their objective, have they really succeeded?

I’ve Never Monitored my Network, How Do I Start?

Congratulations on taking the first step to securing your network: admitting that it is not secure!  That can be a tough pill to swallow.  It can be even tougher if you realize it’s insecure but you still have to present that information to your boss!  Let’s assume your boss understands your point of view and

So What’s this Linux Thing?

So you’ve heard about this “other” operating system called Linux.  You’re not really sure what it is, but you heard it is free!  Well, let me open this can of worms for you and share my experiences with Linux.

SIEMs, the Diamond in the Rough

We all have Security Information and Event Management (SIEM) systems tucked away in Security Operations Centers (SOC) used by cyber security analysts to keep your network safe.  SIEMs, pronounced the same as the word “seams” as in the seam of your shirt, are chock full of all kinds of data.  Some SIEMs are so full that
