3 min
Komand
Does Security Automation Mean SOC Employees Will Be Obsolete?
Telephones, computers, and robots all have one thing in common: People thought
they’d replace the need for human input, putting us all out of a job. On the
contrary, these technologies were widely embraced once the public realized what
their true purpose was: to automate tedious work and enable us to do things we
actually enjoy doing, and faster, too. The same benefits apply to security
operations, and this is a great thing for security operations centers (SOCs)
[https://www.rapid7.com/fundament
3 min
IT Ops
4 Potential Security Issues Raised By Pokémon Go
Pokémon Go is a phenomenon. The game is objectively a success and has been
breaking mobile gaming records almost weekly. The game’s current success is
without being open in some significant markets and it shows no signs of slowing.
It is important to remind players to take measures to protect your company’s
interests when playing.
Pokémon Go is an Augmented Reality game. Players see the game’s fictional world
on top of everyday reality. Augmented Reality manifests in several ways: from
import
3 min
Komand
A Framework for Selecting and Implementing Security Tools Today
Security products are often purchased to either mark a compliance checkbox, have
the newest, shiniest tool on the market, or because of a great vendor pitch, but
those reasons don’t support a strategic approach to security posture.
With so many technologies out there today, we put together a simple and
straightforward framework you can use to make signal out of noise and select the
technology that fits your unique needs.
1. Hire People First
A big misstep that many organizations make is pickin
10 min
Komand
Building a Simple CLI Tool with Golang
Go offers a simple way to build command-line tools using only standard
libraries. So I put together a step-by-step example to help walk you through the
process.
To write a Go program, you’ll need Go setup up on your computer
[https://golang.org/doc/install]. If you’re not familiar with Go and want to
spend a little extra time learning, you can take the Go tour
[https://tour.golang.org/welcome/1] to get started!
In this example, we’ll create a command-line tool called stringparse, that will
cou
4 min
Automation and Orchestration
Bro Series: The Programming Language
Synopsis:
Bro [https://www.bro.org/]is a network security monitoring platform. The reason
for calling it a platform is due to the fact that Bro is a domain specific
programming language and a collection of tools and APIs. Together, they comprise
a platform for network monitoring. In this article, we will attempt to solidify
the fact that Bro is a language by using it as such.
Data Types
The Bro scripting language supports the following built-in types
[https://www.bro.org/sphinx/script-reference
1 min
IT Ops
Integrating Logentries with OpsGenie: 3 Easy Steps
Real-time alerts [https://logentries.com/product/alerting-and-reporting/] are
only as good as their ability to successfully reach their intended audience. If
an alert recipient only checks email once every several hours, email alerts
would not be well suited for real-time notification.
It’s for this reason that Logentries makes it easy to integrate with popular 3rd
party tools that DevOps professionals are already using, including Slack
[https://docs.logentries.com/docs/partner-notifications#
8 min
Komand
Defender Spotlight: April C. Wright of Verizon Enterprise Services
Welcome to Defender Spotlight! In this weekly blog series, we interview
cybersecurity defenders of all varieties about their experience working in
security operations. We’ll inquire about their favorite tools, and ask advice on
security topics, trends, and other know-how._
Today, we're talking with April Wright. She is currently working for Verizon
Enterprise Services as a Security Program Lead, and is a fellow lover of
security defenses. April is devoted to teaching, creating, learning, and he
4 min
IT Ops
Exporting Logentries data with Leexportpy
Leexportpy, the Logentries utility that exports your log data to 3rd parties,
has built-in support for various services such as Kafka, Geckoboard and Hosted
Graphite. Without any modification to the current code, you can use these
services to extract your Logentries data.
To begin, make sure your read-write or read-only API key is correctly placed in
the LE section of your configuration file as shown below. Also make sure you
have read the first blog post of this series.
[/2016/07/introductio
7 min
IT Ops
What exactly is an Event-loop?
“The price of reliability is the pursuit of the utmost simplicity” – C.A.R Hoare
Rather than doing another all-out performance post, I’ll look at some aspects of
asynchronous I/O today instead: what it is at a high level, what it isn’t and
why you would use it.
There aren’t many aspects of programming today that are as saturated with
buzzwords and misinformation as asynchronous IO and some of the frameworks which
build on top of this. If you work with server code which has to handle a
nontri
4 min
Komand
How Security Orchestration Can Stop Insider and Outsider Attacks
Running a successful security operations center
[/4-experts-explain-the-best-strategies-for-a-successful-security-operations-center]
(SOC) is a tall order. It requires assembling an ideal mix of people,
processes,
and tools [/the-importance-of-investing-in-people-before-tools-in-cybersecurity]
, and connecting them in ways that make it possible to respond to threats fast
while also maintaining a strategic overall security posture.
One of the best ways to make sure that a SOC runs seamlessly is
10 min
IT Ops
Introduction to the Logentries Command Line Interface
The Logentries Command Line Interface (CLI) allows you to both manage and use
your Logentries service right from the command line. The CLI is built on the
Logentries REST APIs [https://docs.logentries.com/docs/rest-api] and provides a
tool to interact directly with the Logentries service outside of the UI. It is
in beta and currently supports retrieving log events, and performing queries and
calculations on log events using our powerful querying language LEQL
[https://docs.logentries.com/docs/
4 min
IT Ops
Using Logentries With Angular v1.5
The post assumes at least a basic knowledge of Angular. Angular is a very
opinionated framework so make sure you have some experience with Angular before
following the instructions presented below.
Logentries can integrate into whatever Javascript framework you want to use.
Previously, we examined adding Logentries to a React application
[/2016/05/integrating-the-logentries-javascript-library-with-react/]. This post
will illustrate how to add Logentries to your Angular v1 application using
2 min
Komand
How to Build a Powerful Cybersecurity Arsenal with Free & Open Source Tools
Whether you're creating a security program on a budget or building a security
operations center with cost-effectiveness in mind, we believe having the right
people, processes, and tools—in that order—is essential to an effective security
posture.
We’ve talked before about finding the right people andassembling your security
team first
[/2016/07/07/the-importance-of-investing-in-people-before-tools-in-cybersecurity/]
is a smart move. Today, we want to talk about the “tools” part of the equation
7 min
Komand
Making Bug Reporting Easier with AWS S3 and AWS Lambda
Getting users to submit bug reports can take time, energy, and thus requires a
strong desire for the consumer to act upon. For developers, it means that it may
take more time to be notified of a bug. Not everyone is a power user who will
report odd things, especially those that are not mission critical.
Here at Komand, we came up with a neat little solution to make reporting bugs
easier for our users. To do this we must take some of the work out of the
reports. Tasks such as bug notifications (
4 min
IT Ops
REST API: a little cURL and some Python
Here at Logentries
[https://logentries.com/centralize-log-data-automatically/?le_trial=rest_api_curl_and_python-logentries_blog-post_cta-create_trial&utm_campaign=rest_api_curl_and_python&utm_source=logentries_blog&utm_medium=post_cta&utm_content=create_trial]
work has been going for sometime in bringing to our customers a powerful and
flexible REST API [/2014/09/the-abcs-of-rest/] service for interaction with
their log data. This work started out with the REST Query API
[/2016/05/now-availab