brencroninOct 9, 20232 min readVulnerability Management Program OverviewLet's face it, vulnerability management is a pain! In an online SANS article titled "Vulnerability Management Maturity Model Part I"...
brencroninSep 29, 20234 min readCyber Risk Concepts - Evaluating Security ControlsSecurity controls represent the foundational functions designed to enhance cybersecurity. For instance, a control may involve restricting...
brencroninSep 23, 20233 min readNetwork Security Monitoring (NSM) - Hacker Command & Control (C&C) (C2)Ralph Mudge developer of Cobalt Strike Red Team hacking software outlines from the hackers perspective 4 key processes that need to...
brencroninSep 23, 20232 min readCyber Risk Concepts - Why FAIR provides better analysis and ReferencesThe National Association of Corporate Directors (NACD) emphasizes the need for improved cyber risk information for boards. This includes...
brencroninSep 23, 20234 min readCyber Risk Concepts - Factor Analysis of Information Risk (FAIR) Disclaimer - This article is just an a quick overview of a popular model for evaluating cybersecurity risk called Factor Analysis of...
brencroninAug 22, 202312 min readActive Directory (AD) and Cyber SecurityTo begin dissecting Active Directory (AD), it's important to grasp the concept that a domain essentially constitutes a sizable collection...
brencroninAug 16, 20232 min readVulnerability Management - The Nagging ProblemsNumerous organizations boast robust vulnerability management systems like Nessus, Rapid7, and Qualys, which excel in scanning systems for...
brencroninAug 16, 20233 min readElastic - PricingElastic SaaS pricing is extensively documented. However, when researching the associated concepts, the abundance of information can...
brencroninAug 16, 20232 min readSRE - Golden Signals MatrixWhile overseeing Network Operations Centers (NOCs), I often noticed situations where systems were activated without adequate monitoring...
brencroninAug 14, 20233 min readNetworking - Spanning TreeSpanning Tree Protocol (STP) was developed by Radia Perlman in the mid-eighties. STP was adopted as standard 802.1D. STP was developed...
brencroninAug 7, 202310 min readEncrypted Traffic AnalysisEncrypted Traffic Overview - How Public Key Infrastructure (PKI) works RSA is a lynchpin of Public Key Cryptography. The more I learn...
brencroninJun 25, 202311 min readCyber Defense/Game Strategy AnalogyIf you are playing a team sport you can be fantastic at a single area, but still lose. For example, if you have great goal scorers and a...
brencroninJun 13, 20236 min readEmail Analysis - Understanding Email Header Analysis including SPF, DKIM, and DMARCWhy is Email Analysis needed Phishing emails persist as one of the primary attack vectors targeting organizations. The Mitre ATT&CK...
brencroninApr 14, 20238 min readThe Log and Pony Show - Security Orchestration Automation Response (SOAR)SOCs typically revolve around watching/monitoring the Security Information & Event Management (SIEM) system as a single pane of glass for...
brencroninApr 14, 20231 min readThe Log and Pony Show - Linux Logging and InstrumentationThe default logging for Linux systems is syslog. Syslog was developed in the 1980s by Eric Allman who developed the sendmail protocol. ...
brencroninApr 14, 20235 min readThe Log and Pony Show - Windows Logging (Instrumentation and Telemetry)SOC Triad reference. ????pic???? Windows systems have been equipped with a robust logging system consisting of three main constructs:...
brencroninApr 5, 20233 min readData Center OperationsData Centers are warehouse like buildings that seem to be being constructed all over the place. Data Centers house servers. Two of the...
brencroninApr 3, 20237 min readVulnerability Management - Scanning System Design for On-Premise ScanningThe importance of Scanner Location & Continuous Vulnerability Monitoring In vulnerability scanning, it's a fundamental requirement for...
brencroninApr 3, 20234 min readSIEMs - FortiSIEMFortSIEM has 4 main components: Collectors Workers Supervisor Backend Lg DB Events come from the log sources into the collectors. The...
brencroninMar 21, 20234 min readLog and Pony Show - Log System Performance & ReliabilityThis blog post is going to discuss several aspects of the performance of your cyber security logging system. The logs need to be stored...
