
Blog

Here are the most recent blog posts.

Making TheHive Soar With Microsoft Power Automate and Cortex

By Adrian on December 5, 2019

Security Orchestration and Automated Response (SOAR): it’s the natural evolution of where security teams are heading, and as our numbers in this space never seem to be enough, we look to SOAR tools to automate and free up our time so we can spend it doing more productive things, like drinking coffee and threat hunting. Automation brings standard and repeatable processes which could just buy us that breathing space.


Blink...no response

By Adrian on December 2, 2019

Defense in depth, it’s a good thing. But how much is too much? While you could argue that you can never have enough security, the answer to that question really is, how big is your wallet? You want the best of breed everything? Then it’s going to cost you... dearly. While it would be amazing if that level of cash could be splashed, it’s not always the case and it’s not always the best solution for your organisation.


Releasing My First Responder for TheHive

By Adrian on November 28, 2019

Now that I’ve gone through a series on TheHive, I’ve started to expand on the capabilities of this DFIR platform by starting to write my own Responders. Responders are essentially a way to perform an enhancement action on a given case, alert or observable. The built-in Responders from the Cortex GitHub repo include a responder that will email the case or alert details to you, as well as responders that interface with CrowdStrike, QRadar, Umbrella and ZeroFox.


Fullstack Dev

By Adrian on November 26, 2019

I’ll start with: I am not a developer. I can script, and have been known to dabble in batch files, Pascal (remember that?), Visual Basic, VBS, PowerShell, C++, C# and Python, and using scripts I’ve been able to cobble up some amazing tools for myself and teams I’ve worked in. I’ve even attached nice looking GUIs on my PowerShell scripts at times with MahApps or the lesser looking WinForms. These tools have only really been useful on the machine that’s been running them.
