7 min
Komand
How to Render Components Outside the Main ReactJS App
We use React here at Komand as one of our core libraries in our front-end
applications and while it does a great job of abstracting away the code for
managing the DOM, sometimes that can be problematic. With React, you have JSX
which is just XML sugar for declaring what DOM elements you want React to
render. React just renders the elements where they are defined within the JSX.
For example, this JSX…
<div className=“content”>
Content
<Modal>
I’m a modal
</Modal>
</div>
... would res
6 min
Komand
SOC Series: How to Make a Security Operations Center More Efficient
You have your security operations center (SOC)
[https://www.rapid7.com/fundamentals/security-operations-center/] in place, now
what?
Creating a SOC is not a cheap undertaking, so to be sure your investment in
people and resources pays off, your next task is to make it as efficient as
possible. Efficiency drives time-to-response, and with intrusion detection and
incident response, optimizing for this metric is crucial. Over the long term, it
also becomes more cost-effective.
I’ve seen the good
5 min
Komand
Early Warning Detectors Using AWS Access Keys as Honeytokens
Deception lures are all of the rage these days
[http://blogs.gartner.com/anton-chuvakin/2016/11/21/our-applying-deception-technologies-and-techniques-to-improve-threat-detection-and-response-paper-is-published/?utm_content=buffera88d3&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer]
, and when deployed properly, are extremely low overhead to maintain and trigger
little to no false alarms. Honeytokens, closely related to honeypots, are
‘tripwires’ that you leave on machines and data
4 min
Komand
Adding Proactive Components to Your Incident Response Process
Effectiveness in security operations is a common theme these days. Often,
security teams already have a long list of ways to optimize their current
programs and processes, but not enough time to endlessly fiddle with the
details. Choosing methods to boost effectiveness usually comes down to scale of
impact and, ultimately, priority.
One high visibility way to improve your response times, and, as a result, the
success of your team is by shifting from a reactive security posture to a
proactive on
3 min
Komand
3 Signals Your Security Workflows Are Inefficient
When valuable time is spent on mundane tasks, it means that there isn’t enough
for strategic planning or timely response to security events and incidents.
That’s how threats go unnoticed and vulnerabilities remain open for days, weeks,
or months at a time. With the cost of a data breach averaging $4 million
[http://www-03.ibm.com/security/data-breach/], this can’t be ignored.
Every security team worth its salt wants to:
* Prove their value by doing high-value and strategic work, and;
* Catch
8 min
Automation and Orchestration
How to Use OpenVAS to Audit the Security of Your Network (2/2)
Synopsis
Last time
[/2016/11/08/how-to-use-openvas-to-audit-the-security-of-your-network-12/], we
discussed how to install the Open Vulnerability Assessment System (OpenVAS), on
Debian GNU/Linux. OpenVAS is a Free/Libre software product that can be used to
audit the security of an internal corporate network and find vulnerabilities in
a free and automated fashion. Now that we have access to the Greenbone Security
Assistant web application, the tool that will allow us to manage and configure
Open
4 min
Komand
The 5 Security Processes That Should Be Automated
According to CSO Online, the average time it takes a security team of a
mid-sized company to respond to a successful attack is 46 days
[http://www.csoonline.com/article/2989302/cyber-attacks-espionage/average-business-spends-15-million-battling-cybercrime.html]
. This includes time spent manually investigating the incident, analyzing the
data, jumping between unintegrated systems during triage, and coordinating the
response. And while there are many reasons for slow incident response times,
manu
4 min
Automation and Orchestration
How to Use OpenVAS to Audit the Security of Your Network (1/2)
Synopsis
The Open Vulnerability Assessment System [http://www.openvas.org/index.html]
(OpenVAS), is a Free/Libre [https://www.gnu.org/philosophy/free-sw.html]
software product that can be used to audit the security of an internal corporate
network and find vulnerabilities in a free and automated fashion. It is a
competitor to the well known Nessus vulnerability scanning tool. Analyzing the
results from tools like Nessus or OpenVAS is an excellent first step for an IT
security team working to c
4 min
Automation and Orchestration
What is Penetration Testing?
Synopsis
Penetration testing [https://www.rapid7.com/fundamentals/penetration-testing/]
or as most people in the IT security field call it, pen testing, is the testing
of software and hardware for vulnerabilities or weaknesses that an attacker
could exploit. In the IT world this usually applies, but is not limited to, PCs,
networks, and web applications. Also known as “red teaming
[https://www.rapid7.com/fundamentals/what-is-a-red-team/]” pen testing is done
by everyone from government agencies
3 min
Komand
How Security Orchestration and Automation Saves up to 83% of Time Spent Investigating Alerts
You have the tools to detect and notify your team about security threats. You’ve
hired the best security practitioners who know what an effective security
posture looks like. You’re all set to stop attackers from compromising your
systems.
Just one more thing: How can you maximize the value of these resources,
especially in the face of complex threats and a huge volume of alerts?
While processes can go a long way in harmonizing your tools and personnel to
accelerate tedious tasks such as alert
3 min
Automation and Orchestration
Cross Site Scripting (XSS) Attacks
Synopsis
Cross Site Scripting (XSS) Attacks
[https://www.rapid7.com/fundamentals/cross-site-scripting/] are the second
category of the three largest web attacks used today. Here, we’ll set up a node
server to demonstrate an XSS attack, see browser based XSS prevention, and
finally discuss what further exploits exist based on this attack.
Setup
Here’s our normal, tiny node server to demonstrate XSS.
Create the file server.js as follows:
var http = require('http');
var url = require('url');
7 min
Komand
Defender Spotlight: Mike Arpaia of Kolide
Welcome to Defender Spotlight! In this monthly blog series, we interview
cybersecurity defenders of all varieties about their experience working in
security operations. We’ll inquire about their favorite tools, and ask advice on
security topics, trends, and other know-how.
In this edition, we spoke with Mike Arpaia, the Co-Founder and CSO of Kolide
[https://kolide.co/].
Mike is the original creator of osquery [https://osquery.io/], which he created,
open-sourced, and widely deployed while work
6 min
Automation and Orchestration
SQL Injection Attacks
Synopsis
Let’s examine, understand, and learn how to prevent one of the most common
attacks [https://www.rapid7.com/fundamentals/types-of-attacks/] people use to
‘hack’ websites, SQL injection attacks
[https://www.rapid7.com/fundamentals/sql-injection-attacks/].
Setup
We’ll start by setting up an ultra-lightweight PHP page (server side) connected
to a MySQL database, simulating a web application.
We need mysql and php. On macOS:
$ brew install mysql && brew install php
On Linux:
Install m
4 min
Komand
The Komand Tech Stack: Why We Chose Our Technology
Choosing a technical stack that fits your organization's needs can be tough.
When choosing the technology to build your product, there are a few things to
consider:
* The experience of the team
* The impact on recruiting efforts (e.g., how easy will it be to find these
skills)
* The ability to execute fast and to maintain quality
We took all of these points into heavy consideration when choosing the Komand
tech stack. Below is a breakdown of what we chose, why we
9 min
Komand
Microservices – Please, don’t
This article originally appeared on Basho.
[http://basho.com/posts/technical/microservices-please-dont/] It is adapted from
a lightning talk Sean gave at the Boston Golang meetup in December of 2015.
For a while, it seemed like everyone was crazy for microservices. You couldn’t
open up your favorite news aggregator of choice without some company you had
never heard of touting how the move to microservices had saved their engineering
organization. You may have even worked for one of those compan