Recent Posts

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

Palo Alto Firewall: macOS Updates NSURLErrorDomain error -1012

This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. Overview About a month ago, I enabled decryption on my Palo Alto firewall and limited it only to traffic to 

Eric’s Top 7 Ways To Get Ready For Security Awareness This Summer

Eric’s Top 7 Ways To Get Ready For Security Awareness This Summer

Once upon a time, I believed that security awareness trainings were simply boring computer-based training videos that compliance requirements forced upon companies.  You’d simply “next, next, next” your way through and learn nothing of value.  However, in my current role I am directly responsible for 

Palo Alto Firewall: External Dynamic Lists

Palo Alto Firewall: External Dynamic Lists

This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. Overview I recently attended Palo Alto’s annual Ignite conference for the first time.  It was a great experience for learning 

Palo Alto Firewall: Home Network

Palo Alto Firewall: Home Network

This is part of the Palo Posts how-to guides for getting the most from your Palo Alto firewall on a home or small business network. My very own Palo Alto! I’m a big fan of Palo Alto Networks firewalls due to their focus on security 

The Missing CISSP Domain

The Missing CISSP Domain

In the security world, the CISSP is the gold standard certification for information security professionals.  The exam is incredibly broad covering a number of domains.  However, over the course of my career I’ve realized that there’s a key domain that’s missing. Oh really, Eric?  And what 

OSM: Open Security Monitoring

OSM: Open Security Monitoring

Introduction I’ve spent most of my career defending environments of all sizes.  What I’ve found is that the job of a defender is much less flashier and thankless as compared to an “ethical hacker.”  While there are volumes of articles, guides, and talks on penetration 

Seeing Red: The Fun Stuff

Seeing Red: The Fun Stuff

The Fun Stuff: Privilege Escalation, Exfiltration, and Persistence This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we successfully exploited our Victim using a client-side attack targeting an old version of Microsoft 

IP360 Tools: Free For All!

IP360 Tools: Free For All!

Last year, I wrote a couple articles on how to integrate Tripwire IP360 data into Splunk.  These turned out to be very popular, with a number of folks reaching out to me for a copy of my IP360 Tools script that made all the magic