Threat Intelligence and Brand Monitoring

Threat Intelligence and Brand Monitoring


One thing that nearly every department in your organization is concerned with is monitoring for references to your organization on the internet, such as brand reputation, cybersecurity threats, intellectual property rights, threats of harm against life or property, etc. But, what are your options?

(more…)

A Sensible Password Policy

A Sensible Password Policy


A password should be 24+ characters, require lowercase, uppercase, numbers, special characters, not one of the last 24 passwords, not more than three characters in a row of the same type, and change every 30 days. Uh, NOT! Here’s a more sensible policy.

(more…)

Tachyon – A Security Pros Paradise

Tachyon – A Security Pros Paradise


I recently had the privilege to perform full scope application security testing against 1E’s Tachyon, an endpoint incident response and remediation platform. I was so impressed with it, I sought (and received) approval from 1E to release this article publicly, detailing my impressions.

(more…)

Burp+SSLintercept with Kali+Docker+Java+Python+Browser

Burp+SSLintercept with Kali+Docker+Java+Python+Browser


I couldn’t find a single source for setting this up, so I thought I would copy/paste my notes for others to reference. Feedback appreciated.

The goal is to proxy all http-80 and https-443 traffic in a docker/OS stack through Burp with (trusted) SSL intercept.

(more…)