Made with Hugo, Hosted on S3 and served up via CloudFront

Blog

Here are the most recent blog posts. Use the menu above to see all entries.

Book Review: Operator Handbook Search. Copy. Paste. L33t ;)

By Adrian on June 16, 2020

Netmux’s Operator Handbook is 436 pages of infosec technology references with a seemingly never ending list of acknowledgements and contributors. I also love that there’s a section dedicated to Health & Wellness right at the start of the book. It’s a timely reminder that life will take everything that you give to it and more but our mental health needs to be looked after. The common signs and symptoms to look out for are put to paper, and more importantly details on how to get help and build a support system which is relevant for you, colleagues, friends, family and loved ones.

Continue reading

Adding TheHive Case Data to Splunk

By Adrian on June 14, 2020

TheHive dashboards, while they are great at showing data counts and displaying then as graphs, there is one feature that was lacking in that it cant display a data table of what those cases are. So while you can build a dashboard to get a snapshot of where your team is at, you can’t see what cases and task that are in play. While there is an open issue to add this functionality, I thought i’d try something a little different with TheHive to fill that gap, and export the case and task data into a Splunk kvstore and build it out that way.

Continue reading

Book Review: Defensive Security Handbook

By Adrian on May 31, 2020

Recently I purchased a few infosec books, one of them being the Defensive Security Handbook written by Lee Brotherston & Amanda Berlin. While this book was written back in April 2017, the information contained within is still very relevant today and will give the reader a sound footing when it comes to what you need to have as a secure baseline in your environment. There are 21 chapters that can be read from cover to cover, or each in isolation.

Continue reading

Thehive4 RC1 to RC2 Upgrade

By Adrian on May 16, 2020

With my Java issue sorted out now, here are the steps to upgrade TheHive from RC1 to RC2. This is a dirty upgrade, but since TheHive is still in Release Candidate status, we can get away with upgrading like this. Ordinarily you should ensure that you have your system backed up in case there are breaking changes. Stop TheHive service sudo service thehive stop Update apt repositories and upgrade May as well apply all the security updates while I am at it.

Continue reading