brencroninJun 25, 202311 min readCyber Defense/Game Strategy AnalogyIf you are playing a team sport you can be fantastic at a single area, but still lose. For example, if you have great goal scorers and a...
brencroninJun 13, 20236 min readEmail Analysis - Understanding Email Header Analysis including SPF, DKIM, and DMARCWhy is Email Analysis needed Phishing emails persist as one of the primary attack vectors targeting organizations. The Mitre ATT&CK...
brencroninApr 14, 20238 min readThe Log and Pony Show - Security Orchestration Automation Response (SOAR)SOCs typically revolve around watching/monitoring the Security Information & Event Management (SIEM) system as a single pane of glass for...
brencroninApr 14, 20231 min readThe Log and Pony Show - Linux Logging and InstrumentationThe default logging for Linux systems is syslog. Syslog was developed in the 1980s by Eric Allman who developed the sendmail protocol. ...
brencroninApr 14, 20235 min readThe Log and Pony Show - Windows Logging (Instrumentation and Telemetry)SOC Triad reference. ????pic???? Windows systems have been equipped with a robust logging system consisting of three main constructs:...
brencroninApr 5, 20233 min readData Center OperationsData Centers are warehouse like buildings that seem to be being constructed all over the place. Data Centers house servers. Two of the...
brencroninApr 3, 20237 min readVulnerability Management - Scanning System Design for On-Premise ScanningThe importance of Scanner Location & Continuous Vulnerability Monitoring In vulnerability scanning, it's a fundamental requirement for...
brencroninApr 3, 20234 min readSIEMs - FortiSIEMFortSIEM has 4 main components: Collectors Workers Supervisor Backend Lg DB Events come from the log sources into the collectors. The...
brencroninMar 21, 20234 min readLog and Pony Show - Log System Performance & ReliabilityThis blog post is going to discuss several aspects of the performance of your cyber security logging system. The logs need to be stored...
brencroninMar 18, 20233 min readThe Log and Pony Show - Cyber Security Logging and SigmaImplementing and running effective security logging systems is a complex task that takes a lot of work and money. For the most part...
brencroninMar 11, 20238 min readManaging Cybersecurity Logging CostsUnderstanding SIEM Licensing There are several common SIEM licensing models, including: Events Per Second (EPS) Gigabytes per day (GBpd)...
brencroninMar 7, 20234 min readUnderstanding the Log Journey from Source to SIEMA primary challenge in centralized log collection lies in the intricacy of transporting logs from their source to the backend logging...
brencroninMar 7, 20234 min readSecurity Logging and Information & Event Management (SIEM) systems - Costly FailuresCentralizing log collection within a Security Information and Event Management (SIEM) system is a crucial component of information...
brencroninMar 7, 20236 min readBuilding and Managing Security Operations Centers (SOCs)There is a cliché business term that references the success of an information technology goal, business, function, etc comes down to...
brencroninMar 7, 20231 min readCyber Threat Intelligence (CTI) - Quiz QuestionsNames phases of the "Intelligence Cycle"? Identify the level of indicators in the Pyramid of Pain? Identify the aspects of the Diamond...
brencroninMar 7, 20234 min readCyber Threat Intelligence (CTI) - Analysis & ReportingHere are some key points to consider about CTI reports: The availability of CTI reports is on the rise, and their quality is improving....
brencroninJan 15, 20236 min readNetwork Security Monitoring (NSM) - ZeekZeek (formerly known as Bro) is an open-source project conceived by Vern Paxson. Its roots trace back to its original incarnation as...
brencroninJul 27, 20223 min readChamplain College Masters of Digital ForensicsI recently finished the Champlain College Masters of Digital Forensics program. I have a background in telecommunications and networking...
brencroninMay 18, 20223 min readTop Five Books for On-The-Go Cyber Security ProfessionalsThe Cuckoo's Egg - Cliff Stoll The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage Paperback, 2005 (Audio available)...
brencroninMay 18, 20221 min readTop Information Risk Books for Cyber Security ProfessionalsMeasuring and Managing Information Risk: A FAIR Approach - Jack Freund and Jack Jones Measuring and Managing Information Risk: A FAIR...
