Josh Rickard, Author at Security Boulevard
Common REST API Authentication Methods Explained

Common REST API Authentication Methods Explained

| | Use Cases
When it comes to implementing automation and orchestration, it is critical to understand how authentication works with APIs. The majority of the products in your environment likely have some sort of authentication mechanism. You need to know the nuances and differences between various authentication methods in order to automate communications ... Read More

Swimlane Releases elk-tls-docker to Simplify the Testing and Deployment of Elastic Stack

| | security operations
At Swimlane, we love to automate but we also love building and sharing open-source software (OSS) to help security teams. We are proud to announce that we have released a new open-source project called elk-tls-docker to make it easier for you to test and deploy Elastic Stack by automating the ... Read More
Automating ATT&CK Testing with SOAR and Atomic Red Team

Automating ATT&CK Testing with SOAR and Atomic Red Team

| | Use Cases
MITRE ATT&CK is the defacto framework for organizations to measure their defense posture. ATT&CK provides categorical verticals in the form of tactics, which align to the common methodologies attackers use. Within these verticals are a set (and subsets) of common ways in which attackers accomplish a tactic (vertical). These are ... Read More
Automating ATT&CK Testing with SOAR and Atomic Red Team

Automating ATT&CK Testing with SOAR and Atomic Red Team

| | Use Cases
MITRE ATT&CK is the defacto framework for organizations to measure their defense posture. ATT&CK provides categorical verticals in the form of tactics, which align to the common methodologies attackers use. Within these verticals are a set (and subsets) of common ways in which attackers accomplish a tactic (vertical). These are ... Read More
Making MITRE ATT&CK Actionable

Making MITRE ATT&CK Actionable

The Swimlane Deep Dive team is excited to announce the release of pyattck 2.0 and an equivalent PowerShell version called PSAttck. These open-source tools provide security operations centers (SOCs), defenders and offensive security teams with external data points that enrich MITRE ATT&CK by providing potential commands, queries and even detections ... Read More
Responding to Insider Threats with SOAR

Responding to Insider Threats with SOAR

Insider threats occur when an individual with ties to an organization misuses their access for malicious intent, such as stealing intellectual property or other data. Detecting insider threats can be difficult. But by using a security information and event management (SIEM) system or data loss prevention (DLP) products, you can ... Read More
Identify Malicious Domains using SOAR

Identify Malicious Domains using SOAR

Domain Squatting, typosquatting and IDN homograph attacks are commonplace when it comes to phishing and other forms of social engineering. Attackers use domain squatting and typosquatting of domains to trick users into providing their credentials, distribute malware, harm an organization’s reputation, or otherwise maliciously impersonate a legitimate domain. We've discussed ... Read More
You don’t have Windows 7 in your environment, do you?

You don’t have Windows 7 in your environment, do you?

| | News and Events
Today is the day. Microsoft Windows 7 is officially end-of-life (EOL). The Windows 7 operating system was released on October 22, 2009. For 10 years now, IT and system administrators around the globe have relied on their trusty old Windows 7 OS. I mean, it was a step beyond Windows ... Read More
Investigate alerts in Microsoft Azure

Investigate alerts in Microsoft Azure

| | integrations
Alerts or detections come in many forms—some are good and some are not—and security operations center (SOC) analysts are responsible for the initial investigation into these anomalies. What’s more, when it comes to cloud-based resources, we may not have the luxury of logging everything that happens on a host operating ... Read More
How to investigate alerts in Microsoft Azure with SOAR

How to investigate alerts in Microsoft Azure with SOAR

| | integrations
Alerts or detections come in many forms—some are good and some are not—and security operations center (SOC) analysts are responsible for the initial investigation into these anomalies. What’s more, when it comes to cloud-based resources, we may not have the luxury of logging everything that happens on a host operating ... Read More
Loading...

Techstrong Group