I was recently working on a Lockbit ransomware incident and I was able to recover the data from encrypted VMDK and VHDX files.
How to secure WordPress
In this post, I explain different strategies that can be used to secure WordPress. I cover the basics, the plugins and more.
SIEM 103 — Detect Windows bruteforce part 2
This post is a follow-up to the post “SIEM 102 — Detect Windows bruteforce”, where I explained how to create a detection use case to detect a Windows bruteforce.
In this post I explain how we can enhance the original detection logic to achieve a lower false-positive rate.
Why I switched from Logz.io to Humio
I recently switched to Humio and transferred all the logs and automations I have. In this post I explain why I did this transfer.
CIS controls – where to start in securing a medium/big enterprise
It’s hard to decide where to put the efforts to secure this environment. The 18 CIS Controls can help us prioritize our efforts.
Cybersecurity Books and References – A Good InfoSec Reading List
I have been asked for a reading list of cybersecurity books. I decided to document this list here so it can be used by a broader public.
SIEM 102 — Detect WordPress bruteforce
WordPress is one of the most popular CMS and website servers in the world. It handles “more than 30%” of the websites on the internet. Because of this, bad actors are really interested in finding ways to get control of them. In this post I explain how to detect a WordPress bruteforce.
Zero Trust Architecture – What it is and what I think of it
A Zero Trust Architecture (ZTA) is an Information Security architecture based on the idea that a network shouldn’t have inherent trust on the internal boundary. This post explains what it is and what I think of it.
Why the SolarWinds hack matters
Maybe you saw the news on the SolarWinds hack. If you didn’t, you should follow me on Twitter: https://twitter.com/TristanDostaler
In this post I want to explain, in a way understandable by everyone, why this hack matters.
Information Security synonyms
If we try to reduce the security problem to only the technology, we’ll fail miserably.