
3 Results tagged on "incident":

Tools tools everywhere, not a single one they look

The Rime of the Ancient Mariner is a poem by Samuel Taylor Coleridge about an old sailor who is compelled to tell strangers about the supernatural adventures that befell him at sea after he killed an albatross, a friendly sea bird. Water, water everywhere, not any drop to drink. This metaphor was so apt in the middle of the sea; so it is in the middle of thousands of logging events. Most of the security...

Wake up call. Apache Struts is being exploited

Disclaimer: It's a tale of incident response for a vulnerability dated March 2017 that wasn't patched on the server. And someone exploited it naively. It was in the night that I received a message - "We have been hacked". As with most hacks, people tend to overreact (or sometimes underreact), and the first message delivers the least amount of information. It started a chain of events, and forensics to identify...

Are you using SIEM as a service?

SIEM as a service, in the cloud: is it possible? Is it a fad? Or is it yet to evolve? While we are catching up on cloud transformations and moving generously into someone's data center, someone's VM or container, SIEM has joined the cloud market as well. And out emerged the companies that offer such a SIEM as a Service model[1]. These companies promise to provide SIEM in the cloud, and you gather your...