General
Software Development Nuggets for Security Analysts
This is a blog dedicated to those like myself who may have an "alternative" background when it comes to getting into cybersecurity.
General
Detection
Wireshark's little known Snort post-dissector
Snort rules are considered the gold standard of Network Intrusion Detection signatures, and because of that it is important for new analysts to learn how to read and understand the logic of them. These days, there are a ton of great blogs already on understanding them, such as this one by Rapid7.
Detection
An Introduction to Adversary Emulation Platforms and their Use Cases w/ MITRE's Caldera
Have you heard of Adversary Emulation platforms, but aren't really sure what they are or how they work? Or perhaps think they are security tools reserved for only the most advanced teams with huge budgets? Let's take a look at what an Adversary Emulation platform is, go over some sample
Detection
Leveling up your Linux Security Monitoring
Lets face it - the state of Linux security monitoring sucks. Linux is often treated as a second class citizen in terms of feature set when compared to its windows counter parts.
Python
Securing and Setting up your Python Development Environment
This is a guide to setting up a minimal and secure Python development environment for Ubuntu There are a lot of blog posts out there on learning the basics of programming or how to create your first web app with python, but weirdly not very many on how to setup a secure environment.