tail -f security.log

Author: eric

How to Choose the Right Endpoint Protection Platform (EPP) / Endpoint Detection and Response (EDR) Solution

This post is featured on the CrowdStrike Blog. Introduction: Like most cybersecurity professionals, you’re looking for an EPP that protects against current and evolving threats, is easy to deploy and manage, and is ultimately invisible to end-users. Today, there are dozens of these platforms available, and […]

Zeekurity Zen – Part II: How to Send Zeek (Bro) Logs to Splunk

This is part of a larger series on building a Zeek (Bro) network sensor. Overview: Zeek (formerly named Bro) is my favorite security monitoring platform, and I’ve used and promoted it throughout my career. It generates rich network metadata that’s incredibly valuable for incident response, forensics, […]

Zeekurity Zen – Part I: How to Install Zeek (Bro) on CentOS 7

This is part of a larger series on building a Zeek (Bro) network sensor. Overview: Zeek (formerly named Bro) is my favorite security monitoring platform, and I’ve used and promoted it throughout my career. It generates rich network metadata that’s incredibly valuable for incident response, forensics, […]

How To Build a SANS GIAC Index

Over the years, my most popular article has been about how to successfully pass SANS GIAC exams.  Most people focus on my second recommendation on building an index for the course material.  Unfortunately, the index guide I linked to is no longer available.  Since I’ve received […]

How to determine your Ring Doorbell Pro firmware version

I have a love/hate relationship with my Ring Doorbell.  When I purchased it in 2016 it worked great for a year with minimal issues.  As it became more popular, I noticed the quality dropped with video freezes, black videos, and missed motion events.  This led […]

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

About a month ago, I enabled decryption on my Palo Alto firewall and limited it only to traffic to and from my MacBook Pro.  It’s worked well and provided great visibility into the vast amounts of encrypted traffic that we see nowadays. So what’s this […]

Eric’s Top 7 Ways To Get Ready For Security Awareness This Summer

Once upon a time, I believed that security awareness trainings were simply boring computer-based training videos that compliance requirements forced upon companies.  You’d simply “next, next, next” your way through and learn nothing of value.  However, in my current role I am directly responsible for […]

Palo Alto Firewall: External Dynamic Lists

I recently attended Palo Alto’s annual Ignite conference for the first time.  It was a great experience for learning about best practices and networking with others.  One of the things I learned was Palo Alto’s way of handling basic threat intelligence feeds.  When I say […]