Posts Tagged ‘analysis’

 

Incident Response services now available!

September 14, 2016

Security Incident Response is like firefighting: it’s not something you need every day, but when you need it, you want the best, and you want it fast.  We’re proud to announce […]

 

Introducing Burp Correlator!

August 14, 2015

This one is for you web penetration testers!  This new Burp extension is designed to help with efficiency when you are testing a complex application full of parameters or a […]

 

Installing Splunk: First stop on the road to log analysis

April 23, 2015

First things first: What is Splunk and why do I want or need it? The short answer is Splunk is a data analytics tool that indexes system logs across […]

 

MIRcon 2013 – Analyzing Web Attacks with ModSecurity

November 15, 2013

Last week I was able to speak at MIRcon 2013 about how to use ModSecurity to discover attack activity and defend your environment.  The presentation started out by discussing a fair […]

 

When the flood is going to come…

September 3, 2013

Most everyone in the U.S. is aware that it’s not uncommon for the Mississippi River to flood in the spring.  Even though the river has a series of locks and […]

 

My Crayons Didn’t Upload My Pictures to the Internet

August 25, 2013

In July, my daughter, Brenna (11yo) and I presented at the SANS Denver event.  She has long wanted to present with me and we both thought this talk was the […]

 

Burp Extension for F5 Cookie Detection

August 8, 2013

This past February, my fellow colleague James Jardine wrote an excellent blog post called “Decoding F5 Cookie” where he described in detail how F5 load balancers use a persistence cookie […]

 

Looking for Malicious PHP Files

March 13, 2013

A while back I had to deal with a compromised web server for some folks.  They had some WordPress sites with a vulnerable plugin and found that attackers were putting […]

 

Ninja Developers Webcast Trilogy Overview

March 5, 2013

Over the past three months, James Jardine and Kevin Johnson were featured in a webcast trilogy titled “Ninja Developers.”  The series was presented through the SANS Institute and an archive […]

 

Reading the Mandiant APT1 Report

February 20, 2013

Like a lot of folks, I downloaded and read through the Mandiant APT1 report as soon as I could.  It’s an excellent resource and I highly recommend reading it if […]