Browse our blogs
We cover it all in The Security Blog. Discover what you’ve been looking for.

Purpling Your Ops
How does one Purple Team? TAC Practice Lead Megan Nilsen shares open-source tools, techniques, and tips for security practitioners exploring Purple Teaming,…

I Got 99 Problems But a Log Ain’t One
1.1 Introduction: Here at TrustedSec, one of the goals of the Tactical Awareness & Countermeasures (TAC) team is to assess and enhance our partners' security…

The Necessity of Active Testing – Detection Edition
Most security teams understand the importance of log collection and building detections to provide early indicators of anomalous or potentially malicious…

Pull Your SOCs Up
"It is a capital mistake to theorize before one has data. Insensibly one begins to twist facts to suit theories, instead of theories to suit facts."-Sir Arthur…

When on Workstation, Do as the Local Browsers Do!
1 Introduction: Web browsers are common targets for many different APTs. Tools like Redline Malware or penetration testing tools such as SharpChrome or…

A Hitch-Hacker's Guide To DACL-Based Detections - The Addendum
This blog was co-authored by TAC Practice Lead Megan Nilsen and Andrew Schwartz. 1 Introduction: Last year, Andrew and I posted a four (4) part blog series…

The Rising Threat: A Surge in Zero-Day Exploits
Introduction: The cat-and-mouse game between defenders and attackers continues to escalate in the ever-evolving cybersecurity landscape. Advanced Persistent…

From Zero to Purple
Learn how to create and deploy Internet Shortcut files for adversary emulation and detection engineering using Python, SMB, and WebDAV servers, a useful tool…

Engagement Guide: How to Prepare for Your Purple Team
TrustedSec's Purple Team engagements prepare clients for security assessments by identifying gaps in security coverage, logging, and tooling, with offerings…

Detection Alchemy - The Purple Team Way
1.1 Introduction: As security practitioners, we frequently extol the virtues of penetration testing and red team exercises as a way of identifying issues…

A Hitch-hacker's Guide to DACL-Based Detections (Part 3)
Configuring a SACL to prevent unauthorized changes to Active Directory attributes, enabling auditing and monitoring for potential attacks, and detecting…

A Hitch-hacker's Guide to DACL-Based Detections (Part 2)
This blog series was co-authored by Security Consultant Megan Nilsen and TAC Practice Lead Andrew Schwartz. 1 Introduction: This is a continuation of A…
