Honeytokens (Canary Tokens). What is it? And How it works? Detect Insider Threat

What are Honeypots: We are all familiar with the concept of honeypots and their importance in a corporate environment. If you are not aware, honeypots are deployed across the network in order to detect intruders in the network. Honeypots are systems that contain detection and alerting features with some intentional vulnerability to attract …

Disassembling ransomware decryption tool What’s inside the decryption tool? How does the decryption tool work? Ransomware Recovery

Intro: Ransomware attacks are on the rise and becoming more sophisticated. Companies with little to no backup plan struggle the most. As we know, with ransomware attacks comes encryption. And it is a real pain to decrypt any files without a key. So that kept me thinking, how is this decryption tool able to handle the …

Monitor full network traffic with Arkime aka. Moloch

Monitoring the corporate network is a crucial part of safeguarding the network against malicious threat actors. One may argue that there are IDS and IPS to detect malicious traffic on the network. Those advanced security devices can indeed be useful, but one cannot see the full picture of the network. For example, IDS and IPS …

AWS Security Audit – Scout2 for Security Auditing on your AWS Infrastructure

The cloud platform is the way to go for most companies today. With all the advantages like scalable, redundant, fault-tolerant, and highly available infrastructure, the cloud seems like the way to go when thinking of long-term growth. Let’s not go into the overly discussed topic of cloud vs on-premises infrastructure. Security should be …