AppSpider
RESTful Web Services: Security Testing Made Easy (Finally)
AppSpider's got even more Swagger now!
As you may remember, we first launched improved RESTful web services security testing last year. Since that time, you have been able to test REST APIs that have a Swagger definition file automatically, without capturing proxy traffic. Now we have expanded that functionality so that AppSpider can automatically discover Swagger definition files as part of the
IT Ops
How To: Send Logentries Alerts to BigPanda
Working in customer support, we are usually the first to receive feature requests, integration requests or recommendations, which we then relay to our product team. But we often get requests that we can tackle ourselves, whether they are small coding tasks or account changes. So when we heard that a user wanted to forward their Logentries alerts to BigPanda.io, we made that happen.
When any issue occurs, time to resolution matters. Because Logentries streams your log data in real-
Metasploit
Rapid7 Sponsors Tech For Troops Hacking Convention
This is a guest blog by Eliza May Austin, a student at Sheffield Hallam
University in the United Kingdom. We commend Eliza for her involvement in and
commitment to Tech for Troops and we're honored to be able to participate.
In March of 2016, Rapid7 sponsored the first ever Tech For Troops hacking
convention (TFTcon), hosted at Sheffield Hallam University. TFTcon is a hacking
convention specific to ex-military people and its purpose is to bridge the gap
in the information security industry with
Automation and Orchestration
Nagios Series: DNS Resiliency
Synopsis:
Host operating system resolver libraries are not very good at dealing with an unreachable nameserver. Even if you specify multiple nameservers in resolv.conf and only one of them goes down, you will experience a period during which connections are not made because name resolution has not yet completed. There are a number of resolver tuning options, but even reducing the timeout to 1 second will still result in a delay. This affects nearly all Unix-like operating systems, including GNU/Linux.
In this article w
IT Ops
Raspberry Pi, Logs and IoT - Sending Pi Log and Sensor data to Logentries
In the previous blog post we learned how to send IoT data from the TI CC2650 SensorTag to Logentries using Node-RED and directly using Linux. This blog will show how to send data from a Raspberry Pi device to Logentries
InsightIDR
5 Methods For Detecting Ransomware Activity
Until recently, ransomware was primarily a consumer problem. However, the cybercriminals behind recent ransomware attacks have now shifted their focus to businesses.
IoT
Getting a Handle on the [Internet of] Things in the Enterprise
This blog post was written by Bob Rudis, Chief Security Data Scientist and Deral
Heiland, Research Lead.
Organizations have been participating in the “Internet of Things” (IoT) for
years, long before marketers put this new three-letter acronym together. HVAC
monitoring/control, badge access, video surveillance systems and more all have
had IP connectivity for ages. Today, more systems, processes and (for lack of a
more precise word) gizmos are being connected to enterprise networks that fit
int
IT Ops
A Query Language for Your Logs
Application logging is the software world’s version of archeology. At runtime,
your application lives in a rich, colorful, 3-dimensional world of flowing
aqueducts, packed coliseums, and bustling streets. There’s more going on than
can possibly be captured.
When you’re trying to reproduce and correct a reported issue, you play
archeologist. The vibrant, live world is gone, and you’re left to piece reality
back together using only decorated pots, spearheads, and fragments of frescoes.
In oth
Detection and Response
You Need To Understand Lateral Movement To Detect More Attacks
Thanks to well-structured industry reports like the annual Verizon DBIR, Kaspersky's "Carbanak APT" report, and the annual "M-Trends" from FireEye, the realities of modern attacks are reaching a much broader audience. While a great many successful breaches were not the work of particularly sophisticated attackers, these reports make it very clear that techniques once known only to espionage groups are now mainstream.
Lateral movement technologies have crossed the chasm
I have written before
Komand
The SOC of the Future: Predictions from the Front Line
There is no perfect security operations center, and I say that having worked at one in the past and collaborated with many others since then. That said, as an industry, we are always evolving and improving.
Recently, I shared 6 lessons learned while working in a SOC, and today I want to talk about where we at Komand believe the SOC is heading in the future and why. Here are seven pr
Incident Response
What Makes SIEMs So Challenging?
I've been at the technical helm for dozens of demonstrations and evaluations of our incident detection and investigation solution, InsightIDR, and I've been running into the same conversation time and time again: SIEMs aren't working for incident detection and response. At least, they aren't working without investing a lot of time, effort, and resources to configure, tune, and maintain a SIEM deployment. Most organizations don't have the recommende
IT Ops
Integrating the Logentries JavaScript Library With React
React.js has proven itself a powerful contender in the world of JavaScript frameworks. Arguably, it has become one of a handful of libraries that all web developers should consider for current or upcoming projects. Understanding how it integrates with the other libraries in your technology stack is an important part of that consideration. If you currently use, or are considering using, Logentries
Automation and Orchestration
Introduction to osquery for Threat Detection and DFIR
What is osquery?
osquery is an open source tool created by Facebook for querying various information about the state of your machines. This includes information like:
* Running processes
* Kernel modules loaded
* Active user accounts
* Active network connections
And much more!
osquery lets you craft your system queries as SQL statements, making it easy to use for security engineers who are already familiar with SQL.
osquery is a flexible tool
Penetration Testing
SNMP Data Harvesting During Penetration Testing
A few months back I posted a blog entry, SNMP Best Practices, to give guidance on the best methods to reduce security risks as they relate to SNMP. Now that everyone has had time to fix all those issues, I figured it's time to give some guidance to penetration testers and consultants on how to exploit exposed SNMP services by harvesting data and using it to expand their attack footprint.
The first question when approaching SNMP is
IT Ops
Queuing tasks with Redis
Overview
As stated on their official homepage, Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker.
A little bit about what Redis can do. It supports data structures such as strings, hashes, lists, sets, sorted sets