2018-09-22 -  This week I was at SANS London learning about forensics. I’ll post a proper writeup on the the course a bit later (it didn’t actually finish until this afternoon), but I thought I’d attend one of the SANS evening talks to learn something new and flex my rarely-used journalistic muscle....

2018-09-14 -  The bulk of cyber security incidents are fairly simple, but sometimes you end up working with a whole network of hosts that are connected to each other in different ways. With this scenario in mind, I recently set out to explore the possibility of creating a Python script to automatically...

2018-09-07 -  A colleague recently asked me for my advice for new cyber security consultants joining our company, which got me thinking about what I’ve learnt over my first year in the industry. Here are my seven top tips for those just entering the world of security consulting. 1. Get involved with...

2018-08-24 -  A little while ago I wrote about grouping data by multiple fields in Splunk, which is a very useful function that produces hideous export files. I took some time to write a Python script to fix that and make the data a lot more useful for further analysis. For reference,...

2018-08-10 -  It only took me half a year since its UK release, but I’ve finally finished reading InfoSec Rock Star, a book written by one of my old SANS instructors that touches on everything from dress codes to negotiation tactics for cyber security professionals. Disclaimer: Just so you’re aware before you read...

2018-07-22 -  Splunk is a powerful tool, but with so many available functions and hit-and-miss coverage on forums it can sometimes take some trial and error to get queries right. Here’s what I pieced together to perform a count on a subset of events and group the data by two fields… As...

2018-07-13 -  I had big expectations for Muse: Drones World Tour after 2013’s excellent Live at Rome Olympic Stadium. I wasn’t expecting a Hullabaloo beater, but I would have been happy with a solid rendition of the album’s tracks and older singles against the unique backdrop of the arena tour’s “in the round” setup and 360-degree Drones-themed experience....

2018-06-23 -  We all use passwords every day, but how exactly do they work? It would be easy to assume that the services we use all hold huge databases with our usernames and passwords side by side, but the reality is much more interesting – and, of course, much more secure. It’s...

2018-06-09 -  When it first came out eight years ago, I assumed The Social Network would be a fairly dull retelling of the origin story of what was then everyone’s favourite social network. I finally caught it the other day, and it turns out I’d been missing out on a great movie....

2018-06-01 -  The security operations centre (SOC) is the heart of a firm’s cyber defences. Here are the basic elements and processes that a SOC uses to monitor for and respond to security incidents. Cyber security has a staffing problem. With so many roles out there and so few people with the...