AWS Security Audit – Scout2 for Security Auditing on your AWS Infrastructure

The cloud platform is a way to go for most companies today. With all the advantages like scalable, redundant, fault-tolerant, and highly available infrastructure, the cloud seems like a way to go for when thinking of long term growth. Let’s not go to the overly discussed topic of cloud vs on-primes infrastructure. Security should be … Read more

Installation of PFELK on ubuntu. ELK for pfSense

As per my promise or I can say mention of pfSense installation I am presenting the installation guide. By the way, I just copied every step from the GitHub repository document if anyone is wondering. Steps given in the official documentation are perfect and straight forward. I honestly rewrote it because I was running out of ideas and I promised it in the previous post.  But one thing I would say that if you are a beginner like me don’t use scripted install, do it manually. It is good to know what components are being installed to get it done. The one important thing I would say about ELK (btw, I have told this many times before but I need content, JK ;)) is that it is a base for so many SIEM and cannot be neglected from learning it from the base. You can customize it so much to basically make it look like you :). Now enough of these fillers let’s get straight … Read more

Actively monitor pfsence firewall. PFELK: Elastic stack for pfsence

You will notice that this article has something to do with ELK stack AGAIN!!!. ELK stack is so flexible that it can fit into many different use cases. Today’s use-case of elk stack will be with the firewall. Most firewalls hardly have any kind of dashboard integrated with them, which makes it harder to monitor … Read more

Winlogbeat and Sysmon setup. Integration with ELK

This post is all about windows logging with winlogbeat and sysmon in place to collect all the important logs possible. Without getting into details about the installation of ELK stack I will get started with the installation of services and configuring the server to process that logs. Here is the link for installation script for … Read more

Information Banner on Ubuntu

This is the week I am writing about something that very common, and the reason behind this post is that I was running out of time to work on new stuff I found interesting. But keep the promise for the next post I will bring something interesting. Lets start. Searching through the Linux file system … Read more

Configuring two-factor authentication on CentOS 7

Multi-factor authentication has been one of the incredible things that security people love. An extra layer of protection that authorized person has, have or are. Now let’s get straight to the point on configuring two-factor authentication on CentOS 7. Let’s first install the additional repository called epel Now let’s install google-authenticator Once installed type following … Read more