security automation blog

Let’s get straight to the point; security monitoring is the process of consuming data, analyzing it and detecting malicious activity, then handling that malicious activity. There are more factors at play that will influence some of your decisions: [Read More]

Lately I’ve been presenting a few times on the topic of automation and in particular for security monitoring to combat alert fatigue. One of the most important parts of this is the automation part. It’s not so much about security or security monitoring, but about teaching what automation is, what... [Read More]

Following up on my latest post, Christmas Wrappers - Part 1, we’ll be looking at how to expand our wrapper script in Powershell. In the last post we created a wrapper script for the MISP API. In this post we’ll be adding functionality to the wrapper script. [Read More]

One of my earliest posts was “Building a function”. It was my attempt at teaching people to build a function in Powershell. It’s a bit outdated now, but I still think it’s a decent read - however, the time has come to revisit the topic of Powershell-functions. This time, in... [Read More]

Early on in my career I had this weird aversion for people who wrote blogs. I’m pretty sure at least part of it was a result of the nordic phenomenon called the Law of Jante, which can be summarized as a code of conduct used colloquially to denote a social... [Read More]