Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.
Pull Your SOCs Up
"It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts." -Sir Arthur…
When on Workstation, Do as the Local Browsers Do!
1 Introduction: Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…
A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz. 1 Introduction: Last year, Andrew and I posted a four (4) part blog series…
The Rising Threat: A Surge in Zero-Day Exploits
Introduction: The cat-and-mouse game between defenders and attackers continues to escalate in the ever-evolving cybersecurity landscape. Advanced Persistent…
From Zero to Purple
Introduction: For any Purple Team, or team using offensive techniques for defensive purposes, we need to make sure we are developing new techniques based on…
Engagement Guide: How to Prepare for Your Purple Team
After performing many Purple Team engagements with organizations ranging from large enterprise networks to small-to-medium businesses, we've found that the…
Detection Alchemy - The Purple Team Way
1.1 Introduction: As security practitioners, we frequently extol the virtues of penetration testing and red team exercises as a way of identifying issues…
A Hitch-hacker's Guide to DACL-Based Detections (Part 3)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: In this third and final…
A Hitch-hacker's Guide to DACL-Based Detections (Part 2)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: This is a continuation of A…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1B)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: In this continuation to our first…
A Hitch-hacker's Guide to DACL-Based Detections (Part 1A)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: If you were to collectively ask any…
The Client/Server Relationship — A Match Made In Heaven
This blog post was co-authored with Charlie Clark and Jonathan Johnson of Binary Defense. 1 Introduction: One thing often forgotten is that detection…