because-security

Topic	Replies	Views	Activity
Network Intrusion Detection System workflows for Suricata - beyond packets wiki linux , suricata , network_forensics , monitoring , security_management Know thyself and thy network stuff Suricata is an OpenSource Network Intrusion System (NIDS), which is developed by the Open Information Security Foundation (OISF). The project’s intention is to secure the network via …	2	9596	August 27, 2021
X86 - the 32 bit assembly workflows you need in Information Security for Malware Analysis and Exploit Development wiki coding , malware-analysis , ia32 , reverse_engineering , offdev , asm , x86_32 It's not about reading CISC, it's about the flows In Exploit Development and Malware Analysis, it’s not about reading assembly. It’s about understanding and directing the control flow. That is valuable. Who needs all the…	2	3756	August 26, 2021
How to rock at Serverless - from beginner to Knative and Kubeless blog automation , coding , cloud , devops , linux , jenkins , java , javascript , spring , react , serverless , micro-services , python , kubernetes , knative This is a hands-on lab guide for engineers. It assumes some experience but there are a lot of links and annotations. How to rock at Serverless - from beginner to Knative and Kubeless Motivation: building services…	2	1477	August 26, 2021
Technical Compliance - Enterprise Security beyond silos, gimmicks and paper shields wiki compliance , iso-27001 , security_management , risk_management , bsi-standards , vda-tisax , nist , gdpr , pci-dss This is an intermediate level Wiki article about Information Security compliance. The InfoSec vs. Compliance FAQ section at the end is opinionated as well. Sub-sections deal with the integration points between an ISMS…	2	337	August 26, 2021
Machine Learning is a multi-year journey - Wiki essay public-wiki-drafts machine-learning , automation , statistics , coding , python , data_science , scikit , supervised_learning , unsupervised_learning , artifical_intelligence , estimation-theory	0	61	May 6, 2021
VMware ESXi remote code execution - steps to defend your systems (CVE-2020-3992) blog esxi , vmware , linux , ovirt	1	194	June 1, 2021
A technical look a Horusec - OpenSource Risk-driven Application Security for DevOps (SAST / DAST / CAST) tech-notes sast , dast , cast , jenkins , continuous-integration , containers , code-reviews , coding , devops	1	290	May 19, 2021
Network Security Monitoring - Threat Hunting Snippets Snippets threat-hunting , zeek , network_forensics , linux , rita , passer	0	266	May 16, 2021
Pf-dup on a PfSense gateway for separate distributed IDS sensors blog intrusion-detection , openbsd , pfsense , linux , suricata , esxi , vmware , zeek , cnc , lab-building	1	447	May 16, 2021
KubeCon + CloudNativeCon Europe 2021+ Pipeline hack - my wrap-up blog compliance , security_management , devops , kubernetes , linux , information_management , infosec_con	1	162	May 14, 2021
Discourse as a blog / knowledge base since Nov 2015. Documentation is not boring blog editorial , discourse-app , information_management	1	229	May 3, 2021
CentOS 7 on a Lenovo T480 in an enterprise environment wiki linux-desktop , linux , centos	1	910	April 29, 2021
Rate limiting (Technitium) DNS with pfSense (Community Edition) blog dns , firewall , network-engineering , pfsense	1	376	April 29, 2021
AWS Security Reviews with the command-line Snippets automation , aws , cloud	1	94	April 29, 2021
Elasticsearch API and Python - JSON in, garbage out wiki elasticsearch , python , jupyter , graphs , pandas , networkx , data_science , log_management , siem	1	1234	April 29, 2021
How to use ssh ProxyCommands on Windows 10 from Powershell blog ssh , windows-environment , linux , openbsd	1	5294	April 29, 2021
Motivation for Risk Analysis to improve Risk Management? Or do we just manage the chaos? blog iso-27005 , iso-27001 , fair , iso-31000 , data_science , compliance , security_metrics	1	365	April 29, 2021
Quick-tipp: Windows Group Policy for Software Restrictions in suspicious folders tech-notes windows-environment , active-directory , group-policies , quick-tipp	1	353	April 29, 2021
Quick-tipp: use Online file systems from WSL 1 (Ubuntu on Windows 10) tech-notes quick-tipp , windows , wsl_1	1	325	April 29, 2021
Linux Software-Security - practical things public-wiki-drafts linux , aslr , gdb , abi , unix , c , coding	1	113	April 29, 2021
InfoSec Jupyterthon (May 2020) - links wiki threat-hunting , coding , python , jupyter , infosec_con	1	166	April 29, 2021
Autopsy - lab notes (hands on Blue Team) public-wiki-drafts forensics , incident_response , autopsy	1	141	April 29, 2021
Web Security basics: Third-Party assets and Application Security wiki web_apps , appsec , build-system , supply-chain	1	337	April 29, 2021
Quick-tipp: use Eclipse Theia as a Cloud-IDE like a web-version of VScode tech-notes quick-tipp , private_cloud , coding	1	453	April 29, 2021
Real World Java Security public-wiki-drafts appsec , java , coding , sast , sdlc	1	220	April 29, 2021
C++ Reverse Engineering - concepts and tools - Ghidra and WinDbg Preview wiki c , cpp , reverse_engineering , ghidra , radare , x86_32 , x86_64 , arm , windbg	1	4981	April 29, 2021
CodeQL - experiential notes for code audits, bug-hunts and CI/CD public-wiki-drafts vulnerability-discovery , sast , code-reviews , coding , variant-analysis , java , spring	1	1966	April 29, 2021
Ghidra Wiki wiki java , malware-analysis , reverse_engineering , ghidra	1	19889	April 29, 2021
WinDBG Preview wiki windbg , debugging	1	991	April 29, 2021
Linux Without Borders, Edition 2 (Feb 2020): Windows Subsystem for Linux, X Window System and Remote Desktop Protocol - thin client experiences for lean DevOps teams blog linux-desktop , windows-environment , linux , x11 , rdp , gloss	1	806	April 29, 2021

Network Intrusion Detection System workflows for Suricata - beyond packets

Know thyself and thy network stuff Suricata is an OpenSource Network Intrusion System (NIDS), which is developed by the Open Information Security Foundation (OISF). The project’s intention is to secure the network via …

2

9596

August 27, 2021

X86 - the 32 bit assembly workflows you need in Information Security for Malware Analysis and Exploit Development

wiki

coding , malware-analysis , ia32 , reverse_engineering , offdev , asm , x86_32

It's not about reading CISC, it's about the flows In Exploit Development and Malware Analysis, it’s not about reading assembly. It’s about understanding and directing the control flow. That is valuable. Who needs all the…

2

3756

August 26, 2021

How to rock at Serverless - from beginner to Knative and Kubeless

blog

automation , coding , cloud , devops , linux , jenkins , java , javascript , spring , react , serverless , micro-services , python , kubernetes , knative

This is a hands-on lab guide for engineers. It assumes some experience but there are a lot of links and annotations. How to rock at Serverless - from beginner to Knative and Kubeless Motivation: building services…

2

1477

August 26, 2021

Technical Compliance - Enterprise Security beyond silos, gimmicks and paper shields

wiki

compliance , iso-27001 , security_management , risk_management , bsi-standards , vda-tisax , nist , gdpr , pci-dss

This is an intermediate level Wiki article about Information Security compliance. The InfoSec vs. Compliance FAQ section at the end is opinionated as well. Sub-sections deal with the integration points between an ISMS…

2

337

August 26, 2021

Machine Learning is a multi-year journey - Wiki essay

public-wiki-drafts

machine-learning , automation , statistics , coding , python , data_science , scikit , supervised_learning , unsupervised_learning , artifical_intelligence , estimation-theory

0

61

May 6, 2021

VMware ESXi remote code execution - steps to defend your systems (CVE-2020-3992)

blog

esxi , vmware , linux , ovirt

1

194

June 1, 2021

A technical look a Horusec - OpenSource Risk-driven Application Security for DevOps (SAST / DAST / CAST)

tech-notes

sast , dast , cast , jenkins , continuous-integration , containers , code-reviews , coding , devops