Welcome to the first post in the series āTools You Should Knowā. In this series, Iāll go over some of the tools and services that Iāve found useful in the past. The focus will be on Microsoft 365 and Azure, but I might look to expand with other cloud providers...
[Read More]
Automating Security Monitoring - Part 2: Automation
A look at automating alerts and incident-handling.
Letās get straight to the point; security monitoring is the process of consuming data, analyzing it and detecting malicious activity, then handling that malicious activity. There are more factors at play that will influence some of your decisions:
[Read More]
Automating Security Monitoring - Part 1: Data
A look at how to get started automating security monitoring (or just stuff in general).
Lately Iāve been presenting a few times on the topic of automation and in particular for security monitoring to combat alert fatigue. One of the most important parts of this is the automation part. Itās not so much about security or security monitoring, but about teaching what automation is, what...
[Read More]
Christmas Wrappers - Part 2
How to create a wrapper script in Powershell
Following up on my latest post, Christmas Wrappers - Part 1, weāll be looking at how to expand our wrapper script in Powershell. In the last post we created a wrapper script for the MISP API. In this post weāll be adding functionality to the wrapper script.
[Read More]
Christmas Wrappers - Part 1
How to create a wrapper script in Powershell
One of my earliest posts was āBuilding a functionā. It was my attempt at teaching people to build a function in Powershell. Itās a bit outdated now, but I still think itās a decent read - however, the time has come to revisit the topic of Powershell-functions. This time, in...
[Read More]