Lynis (How to find vulnerabilities and harden a Linux system)

Introduction: In the security industry, there is so much emphasis on Windows server and workstation security, with thousands of security products dedicated to finding vulnerabilities and hardening servers. A few products we have in the market are Nessus, Nexpose, and OpenVAS. One may say they do support Linux, and I agree entirely, but they …

AWS Security Audit – Scout2 for Security Auditing on your AWS Infrastructure

The cloud platform is the way to go for most companies today. With all the advantages of scalable, redundant, fault-tolerant, and highly available infrastructure, the cloud seems like the way to go when thinking of long-term growth. Let's not go into the overly discussed topic of cloud vs on-premises infrastructure. Security should be …

Installation of PFELK on Ubuntu. ELK for pfSense

As per my promise, or I can say mention, in the pfSense installation post, I am presenting the installation guide. By the way, I just copied every step from the GitHub repository document, if anyone is wondering. The steps given in the official documentation are perfect and straightforward. I honestly rewrote it because I was running out of ideas and I promised it in the previous post. But one thing I would say is that if you are a beginner like me, don't use the scripted install; do it manually. It is good to know what components are being installed to get it done. The one important thing I would say about ELK (btw, I have told this many times before, but I need content, JK ;)) is that it is the base for so many SIEMs, and learning it from the ground up cannot be neglected. You can customize it so much that you can basically make it look like you :). Now, enough of these fillers, let's get straight …

Actively monitor the pfSense firewall. PFELK: Elastic stack for pfSense

You will notice that this article has something to do with the ELK stack AGAIN!!! The ELK stack is so flexible that it can fit into many different use cases. Today's use case of the ELK stack will be with the firewall. Most firewalls hardly have any kind of dashboard integrated with them, which makes it harder to monitor …

Winlogbeat and Sysmon setup. Integration with ELK

This post is all about Windows logging with Winlogbeat and Sysmon in place to collect all the important logs possible. Without getting into details about the installation of the ELK stack, I will get started with the installation of the services and configuring the server to process those logs. Here is the link for the installation script for …

Information Banner on Ubuntu

This week I am writing about something that is very common, and the reason behind this post is that I was running out of time to work on new stuff I found interesting. But I keep the promise that for the next post I will bring something interesting. Let's start. Searching through the Linux file system …