Pinned toot

rest of 2020 goals in mind: 📆

:pika: Pivot at the current place

:pika: Take on board another project

:pika: Actually contribute to an open source project (now that, I'm no longer involved with open source / community software)

:pika: Contribute into an online course

:pika: Pick up a whole new skill

:pika: Keep up my blog entries on

:pika: Continue to apply and send Cfp/talk submissions

:pika: Continue on with this ruleset submissions that has been on my mind

Pinned toot

Who moved my DNS cheese? BIND 9 DNS Log Collection and DNS Auditing

Looking into other cloud DNS infrastructure for a potential series. What provider do you use?

Twitter is now tagging a whole bunch of tweets as 'materials could be obtained by hacking' which is a sure fire way for someone to NOT read important news. Good time to promote fedi and this/your own instance.

They® literally made their own cryptography solution rolled into an sdk and it is totally ironclad and safe

Show thread

I would have to say that the PE (private equity) buyout has definitely given me some perspectives and some things to think about when it comes to mapping achievements and work with financial and growth outcomes.

We tend to think that "we do x, it's technical and specialized and other people see it" should be enough but it's not - not only map to profit and growth goals but also find the connections that lead back to you.

Show thread

Just added: YAML Config Snippet for Audit Logging Event Locations
Use with file_integrity module or adopt to your own choice of agent. YMMV though!

Just added: YAML Config with Event IDs of Active Directory Domain Service Events with Criticality Info

Yeah it's all Windows due to environment, but I am doing some work on logging for Linux environments very soon

Show thread

I'm also looking forward to spending time on contributions to open source, and publishing more technical content/posts on my blog for the community :)

Show thread

YAML configs for:

1. NSA Events to Monitor List

2. Events from the Windows 10 and Windows Server 2016 Security auditing and monitoring reference

3. Exploit protection events based on attack surface reduction events

And, which Windows auditing events require failure and success logging?


I have a few more to share next week.

I have a collection of YAML files (for , ) that I had built up more than a year ago, looking into placing these into a Gitlab/Github repo or blog format. The only thing is that the config may have changed since then but will release it

I guess I can finally start looking for SIEM and other roles now beyond technical documentation. is my website.

There is a Postman API conference and it is free to attend on Thursday and Friday

Quiet a lot of API security talks

Despite the walk, I feel a bit unmotivated at the moment. The only upside has been doing a practice 1 hour SSCP test run and getting a pass on it despite barely (aka more than an hour) studying for it.

Now I'm wondering if I should go for another cert.

My old job now made its way to a MITRE and NIST NVE database and its own CVE (CVE-2020-35488) however, no mention on the official account or the new technical evangelist.

Exploit writeup:

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.