Blue Team

Author, Blue Team, Blue Team Tools, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Jordan Drysdale Azure, defense, Detection, doazlab.com, Impacket, Jordan Drysdale

Impacket Defense Basics With an Azure Lab 

Jordan Drysdale // Overview The following description of some of Impacket’s tools and techniques is a tribute to the authors, SecureAuthCorp, and the open-source effort to maintain and extend the code. […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, How-To, Hunt Teaming, Informational, InfoSec 101, Jordan Drysdale ARM Templates, Attribution, Detection, Engineering, Geopolitics, hunting, Microsoft Sentinel

Geopolitical Cyber-Detection Lures for Attribution with Microsoft Sentinel 

Jordan Drysdale // Summary! There are tons of security event management (SIEM) solutions available these days, but this blog will focus on Microsoft Sentinel. Sentinel is easy to deploy, logs […]

Read the entire post here

Author, Backdoors & Breaches, Blue Team, Blue Team Tools, Corey Ham, Fun & Games, Hal Denton, How-To, Informational, Jason Blanchard, Kiersten Gross, Noah Heckman, Troy Wojewoda, Webcasts

How to Use Backdoors & Breaches to do Tabletop Exercises and Learn Cybersecurity

Have you heard of Backdoors & Breaches, or even have a deck of your own, and yet… still don’t know how to use it? We created an incident response card […]

Read the entire post here

Author, Blue Team, Blue Team Tools, General InfoSec Tips & Tricks, Hunt Teaming, Informational, Jordan Drysdale Jordan Drysdale

The Azure Sandbox – Purple Edition 

Jordan Drysdale // Azure has replaced AWS in my personal development pipeline. This may sound crazy but hear me out. Microsoft has solidified its offerings, done nothing but improve its […]

Read the entire post here

Blue Team, Informational, InfoSec 101, John Strand, Webcasts

Webcast: New Wave of Ransomware Attacks: How did this happen?

This is a special joint webcast from the teams of Black Hills Information Security, Wild West Hackin’ Fest, and Active Countermeasures, presented by John Strand.  In this webcast, we cover […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Blue Team, How-To, Informational, InfoSec 101, Steve Borosh

Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit

Stephan Borosh // The year of 2021 has presented some interesting challenges to securing Windows and Active Directory environments with new flaws that Microsoft has been slow to address.   In June, @Harmj0y and @tifkin_ […]

Read the entire post here

Backdoors & Breaches, Blue Team, Blue Team Tools, Fun & Games, Informational

Backdoors & Breaches LIVE – 5/19/2021

Join our Incident Master Ean Meyer as we play another round of Backdoors & Breaches (B&B) session using our new Tabletop Simulator (TTS) version! If you have STEAM / TABLETOP […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Blue Team, Blue Team Tools, How-To, Informational, InfoSec 101, Michael Allen Michael Allen

Is This Thing On?

How to make sure your antivirus is working without any malware  Michael Allen // Recently, a customer asked me if there was a way they could generate alerts from the new antivirus product they deployed without executing any actual […]

Read the entire post here

Author, Blue Team, Informational, John Strand, Webcasts

Webcast: Your Free and Open Source EDR Options!

There has been a huge explosion of different free and open-source options for EDR in the security space. Which is nice because the commercial offerings are stupid expensive. In this […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here