LAPSUS$ Hunting with simple Anomaly Detection
Various methods to bypass OKTA MFAs have been disclosed on the internet, which I won’t discuss in this blog post. But rather how to.
How do we navigate through mass data?
Various methods to bypass OKTA MFAs have been disclosed on the internet, which I won’t discuss in this blog post. But rather how to.
Insider Threat is an overarching problem. Because there is no single tool could comprehensively cover Insider Threat. Insider Threat Detection needs building blocks of.
Part 2 of the “Effective Logging” series, we will examine step by step mechanism of collecting Cloudtrail data from the entire organization including sub-accounts.
We get flooded with many different tools and technologies, whether open source or commercial, but one important question to ask ourselves is: “In the.
https://github.com/tomwynn/coldToFrozenScripts/blob/master/coldToFrozenS3.py https://github.com/tomwynn/coldToFrozenScripts/blob/master/coldToFrozenBlob.py Data archiving is usually an afterthought. Most organizations only implement data archiving when compliance requires. But what if an incident happens and.
Problem Statement Organizations don’t usually invest in enough resources into Threat Intelligence, even if they do, SOC operators usually struggle with the amount of.
PrefaceDetecting Data Exfiltration can be a daunting task. One of the more common use-case is the detection of users exfiltrating data via USB drives..
Quick words It has always been astounding about the amount of attack surfaces that we have within an organization for insider to exfiltrate data.