Friday, November 11, 2016

Beginning Memory Forensics - Rekall - Stuxnet

Before moving forward, I would like to shout out MichaelHale Ligh for his analysis of Stuxnet using volatility . This post was basically m...
Monday, November 7, 2016

Ways to secure your password within your PowerShell scripts

This is a guest post   Mr. Troy Collins Resonantly I had a problem given to me by a colleague at work. Overview of the problem: The Citr...
Tuesday, November 1, 2016

On recruiting and retaining talented Cyber Security professionals

I recently read the Center for Strategic (CSIS) International Studies report on Recruiting and Retaining Cyber security Ninjas and have to ...
4 comments:
Sunday, October 2, 2016

Leveraging WMIC for 'live' Remote forensics

This is a continuation of the previous post . As a result, to get the most of this post you should review the previous post . T he idea here...

Leveraging WMIC for local 'live' forensics

Let's assume, that you as the incident responder within your office sitting, sipping on some coffee or whatever else you do at the offic...

Ahhhh ... That Google interview process - interesting and exciting

Recently I was reached out to for a role within Google as a Manager within its Detection Team. After completing the phone interview, I was...
1 comment:
Sunday, September 25, 2016

IBM Qradar: How to import logs from an Amazon S3 compatible log source

Many vendors nowadays are using the Amazon S3 API as a method to access and download their logs. Cisco is an example of this, and they host...
14 comments: