Using Elastic Curator To Clean Up ELK

I recently set up ELK in order to begin collecting logs from Sysmon for security monitoring in my lab. The problem I could foresee running into was the issue of disk space. Unfortunately, when my ELK server runs out of space, it runs out of space. I needed a way to...

Honey Accounts

I recently saw a tweet mentioning the use of an AD account with the password in the description attribute and logon hours set to none. I can’t find that tweet anymore, so I apologize for the lack of attribution. The idea is that when someone does breach your network perimeter,...

HTTP Security Headers

HTTP security headers seem to be findings on nearly every assessment I have been doing lately. I decided to come up with some handy quick references for these headers in order to better understand them. HTTP response headers are a way for a server and client to exchange information. In...

How I Got Started in InfoSec

Lately there seems to be a huge movement to help get more people in infosec roles. I have been seeing more and more talks at cons regarding this topic as well as helpful blogs and other resources. There is even a project called InfoSec Mentors that helps put mentees in...