I was recently working on a Lockbit ransomware incident and I was able to recover the data from encrypted VMDK and VHDX files.
How to secure WordPress
In this post, I explain different strategies that can be used to secure WordPress. I cover the basics, the plugins and more.
SIEM 103 — Detect Windows bruteforce part 2
This post is a follow-up to “SIEM 102 — Detect Windows bruteforce”, where I explained how to create a detection use case for a Windows brute-force attack.
In this post I explain how the original detection logic can be enhanced so that it produces fewer false positives.
Why I switched from Logz.io to Humio
I recently switched to Humio and migrated all of my logs and automations. In this post I explain why I made this move.
CIS controls – where to start in securing a medium/big enterprise
In a medium or large enterprise it is hard to decide where to put the effort when securing the environment. The 18 CIS Controls can help us prioritize that effort.