tail -f security.log

scripting

IP360 Tools: Free For All!

IP360 Tools: Free For All!

Last year, I wrote a couple articles on how to integrate Tripwire IP360 data into Splunk.  These turned out to be very popular, with a number of folks reaching out to me for a copy of my IP360 Tools script that made all the magic […]

Save the Yelps

Save the Yelps

I’m a big fan of Yelp and frequently use it to find great local restaurants.  I started using it about six years ago and quickly found the user-contributed reviews and tips to be invaluable.  It proved incredibly handy when I moved to DC and knew […]

Nessus and Splunk

Nessus and Splunk

Introduction Inspired by my IP360 and Splunk integration project (here and here), I wanted to do the same for Tenable Nessus.  In a previous role I implemented Nessus + SecurityCenter and for the most part had a positive experience.  The interface was modern and I liked […]

Python Scripts

Python Scripts

I’m consistently impressed by Python and the power it gives anyone to automate a myriad of tasks.  I encourage all security professionals to learn Python as you have or will more than likely run into a problem that requires some kind of automation.  I got […]

IP360 and Splunk – Part 2

IP360 and Splunk – Part 2

Introduction In Part 1, I discussed how I thought integrating Tripwire IP360 vulnerability data into Splunk would be a great way to both learn Splunk and create useful and interesting vulnerability reports.  I gave an overview of IP360’s vulnerability scoring system and showed how I […]

IP360 and Splunk – Part 1

IP360 and Splunk – Part 1

Introduction Over the last several months I’ve been working towards becoming a Splunk Certified Architect.  To prepare, I wanted additional hands-on practice and tried to think of ways I could apply all the techniques I had learned in my classes. I happened to have a […]