5 min
Automation and Orchestration
How to Install OpenVPN on Windows
Synopsis
With the growth of online privacy and security concerns, as well as people
wanting to work around geo-restrictions, VPNs are becoming much more mainstream.
They no longer rest in the realm of security professionals and the overly
paranoid. OpenVPN is the most secure VPN protocol you can use and this guide
will teach you what it is, as well as how to install it on Windows.
If you are looking to install OpenVPN on another operating system, visit their
website
[https://openvpn.net/index.
5 min
IT Ops
The Generosity of Thought: Caring and Sharing in the Open Source Community
I want to share something with you that is pretty amazing. But, before I do,
allow me to provide the backstory.
The Backstory
I’ve been using Open Source Software (OSS) for a while now. I started with the
big ones, Apache [http://apache.org/], Maven [http://maven.apache.org/], MySQL
[http://www.mysql.com/], etc…. But, as time went on and my work became more
specialized, I started using smaller projects. When you use the big projects
such as Maven and Apache, there’s a boatload of books, video
3 min
Komand
3 Steps for Effective Information Security Event Triage [Infographic]
Before you jump into action when a security alrm sounds, you need to first
assess what happened. Pulling together the details of the event will help you
determine if there is a real security incident, and if so, how you will need to
respond.
But often in the frenzy of security alerts, we get caught up in processes or
start jumping to conclusions without enough info. This can lead to a haphazard
incident response.
From my experience, there's a simpler way; one that is efficienct, not bogged
dow
4 min
Automation and Orchestration
Burp Series: Intercepting and modifying made easy
Synopsis
As a penetration tester I have many tools that I use to help with web
application testing, but the one tool that never lets me down is Burp suite by
portswigger. Burp suite is an intercepting proxy that allows you to modify and
inspect web traffic, it comes in two flavors, free and paid. The free version
is powerful enough to assist any pen test engineer, whereas the paid version
will add extra features to make your tests go smoother and faster.
I am going to walk you through the beg
7 min
Komand
How to Render Components Outside the Main ReactJS App
We use React here at Komand as one of our core libraries in our front-end
applications and while it does a great job of abstracting away the code for
managing the DOM, sometimes that can be problematic. With React, you have JSX
which is just XML sugar for declaring what DOM elements you want React to
render. React just renders the elements where they are defined within the JSX.
For example, this JSX…
<div className=“content”>
Content
<Modal>
I’m a modal
</Modal>
</div>
... would res
5 min
IT Ops
Solving the expression problem
If you look at any OO-based codebase of a nontrivial size, you’ll [hopefully]
find well understood behavior formalized and encapsulated through the effective
use of polymorphism- either via interfaces which decouple calling code from a
types’ implementation, or via sub typing to share code common to multiple types.
To take an example from a statically typed language like Java, let’s look at the
Map interface and a few of its implementations in the standard library:
A receiving method which
6 min
Honeypots
Introduction to Honeypots
Synopsis
With an ever-increasing number of methods and tactics used to attack networks,
the goal of securing a network must also continually expand in scope. While
traditional methods such as IDS/IPS systems, DMZ’s, penetration testing and
various other tools can create a very secure network, it is best to assume
vulnerabilities will always exist, and sooner or later, they will be exploited.
Thus, we need to continuously find innovative ways of countering the threats,
and one such way is to depl
6 min
Komand
SOC Series: How to Make a Security Operations Center More Efficient
You have your security operations center (SOC)
[https://www.rapid7.com/fundamentals/security-operations-center/] in place, now
what?
Creating a SOC is not a cheap undertaking, so to be sure your investment in
people and resources pays off, your next task is to make it as efficient as
possible. Efficiency drives time-to-response, and with intrusion detection and
incident response, optimizing for this metric is crucial. Over the long term, it
also becomes more cost-effective.
I’ve seen the good
5 min
Komand
Early Warning Detectors Using AWS Access Keys as Honeytokens
Deception lures are all of the rage these days
[http://blogs.gartner.com/anton-chuvakin/2016/11/21/our-applying-deception-technologies-and-techniques-to-improve-threat-detection-and-response-paper-is-published/?utm_content=buffera88d3&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer]
, and when deployed properly, are extremely low overhead to maintain and trigger
little to no false alarms. Honeytokens, closely related to honeypots, are
‘tripwires’ that you leave on machines and data
4 min
Komand
Adding Proactive Components to Your Incident Response Process
Effectiveness in security operations is a common theme these days. Often,
security teams already have a long list of ways to optimize their current
programs and processes, but not enough time to endlessly fiddle with the
details. Choosing methods to boost effectiveness usually comes down to scale of
impact and, ultimately, priority.
One high visibility way to improve your response times, and, as a result, the
success of your team is by shifting from a reactive security posture to a
proactive on
3 min
Komand
3 Signals Your Security Workflows Are Inefficient
When valuable time is spent on mundane tasks, it means that there isn’t enough
for strategic planning or timely response to security events and incidents.
That’s how threats go unnoticed and vulnerabilities remain open for days, weeks,
or months at a time. With the cost of a data breach averaging $4 million
[http://www-03.ibm.com/security/data-breach/], this can’t be ignored.
Every security team worth its salt wants to:
* Prove their value by doing high-value and strategic work, and;
* Catch
8 min
Automation and Orchestration
How to Use OpenVAS to Audit the Security of Your Network (2/2)
Synopsis
Last time
[/2016/11/08/how-to-use-openvas-to-audit-the-security-of-your-network-12/], we
discussed how to install the Open Vulnerability Assessment System (OpenVAS), on
Debian GNU/Linux. OpenVAS is a Free/Libre software product that can be used to
audit the security of an internal corporate network and find vulnerabilities in
a free and automated fashion. Now that we have access to the Greenbone Security
Assistant web application, the tool that will allow us to manage and configure
Open
5 min
IT Ops
Node.js as a Proxy to Logentries.com
Logging from the client side of a web application can seem like a challenge.
The web browser exposes everything to the user. There is no way to hide
anything delivered to the client from prying eyes, including your log token to
your Logentries
[https://logentries.com/centralize-log-data-automatically/?le_trial=nodejs_as_a_proxy-logentries_blog-post_cta-create_trial&utm_campaign=nodejs_as_a_proxy&utm_source=logentries_blog&utm_medium=post_cta&utm_content=create_trial]
log. There is no relia
3 min
InsightIDR
How to Troubleshoot Slow Network Issues With Network Traffic Analysis
In this blog, we discuss how to troubleshoot slow network issues with Network Traffic Analysis.
1 min
Automation and Orchestration
A Guide on Security Automation Best Practices
Ask three different security teams what is holding them back from faster
time-to-response and chances are you’ll get three different answers:
1. Manual, time-intensive processes
2. Lack of integrated tools
3. Lack of development resources
All of these problems exist across both big and small companies in any industry,
from healthcare to finance to e-commerce. But in a digital world where attacks
are both prevalent and pervasive, defenders always need to be a step (if not
two) ahead.
This i