Analysis of a Threat: PowerShell Malicious Activity
The other day here at Blumira we had a customer detection trigger that caught our attention. This was a detection I created a while back with zero false positives so far for a Powe...
Read MoreHands in the Honeypot: Detecting Real Security Threats
A honeypot is a network device that either appears to contain or does actually contain vulnerable data intended to lure an attacker into accessing. Whether a threat actor tries to ...
Read MoreSecOps, Simplified: Part 3 – Security Orchestration, Automation and Response
Make no mistake. Security Orchestration, Automation and Response (SOAR) is the direction information security is headed. It makes good sense too. As I’m fond of saying, “speed ...
Read MoreSecOps Simplified, Part 2: Security Tools – Is More Better?
It happens to all IT folks; security is no exception. Our inner consumer craves the hottest new security technology - “With this shiny new security tool we’ll be UNSTOPPABLE!!!...
Read MoreHow to Optimize Windows Logging for Security
One of the most common configurations taken for granted is the built-in Microsoft Windows OS logging capabilities. Microsoft Windows continues to dominate the corporate enterprise ...
Read MoreSecOps Simplified, Part 1: SIEM…Now Without the Headache!
Most security professionals agree that Security Information and Event Management (SIEM) technologies play a central, if not vital, role for delivering effective security. SIEM prod...
Read More