Introducing the ‘Unpennied Cyber Defense Center’


Foreword

In the early years of my career I was heavily involved in the (German) Nagios™ community. When I joined that community, around 20 years ago, I loved its openness: there was open-source software, there were people who used it at very different maturity levels, and they helped each other. There were no limits on sharing knowledge and experience, and it was a wonderful time that has shaped me to this day.

In that spirit I would like to start a series of blog posts on my current topic, IT security, and within it the defensive side. I want to share my experience with various cyber defense tools, and I am curious to see how far you can get without $vendors.

I am aware of the usual objections, such as “OSS doesn’t cost license fees, but it costs human power.” I also won’t go deep into the individual licenses of the OSS / $free products and solutions that follow, so if you use them in a business, please check the licenses yourself to confirm that you are allowed to use these tools for commercial purposes.

Posted in Unpennied CDC

EVTX 2 Elasticsearch


Recently I was challenged with analyzing a number of EVTX files, and I now want to publish the workflow I used to accomplish that mission.

In this HowTo we will parse the EVTX files with a Rust parser that transforms them into JSON files. Those are then delivered to a Logstash instance, where we can use the Logstash JSON filter to shape the documents that end up in Elasticsearch.
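The pipeline sketched above, as an added example that is not part of the post: a small Python filter that sits between the Rust parser and Logstash. It reads the one-record-per-line JSON that an evtx_dump-style parser writes (for example `evtx_dump -o jsonl Security.evtx`), flattens the nested `System`/`EventData` layout into fields Elasticsearch can map cleanly, and writes NDJSON that a Logstash `tcp` input with the `json_lines` codec can ingest. The field layout of the records (XML attributes under `#attributes`, elements with both attributes and a value as `{"#attributes": ..., "#text": ...}`) is an assumption modelled on the evtx crate's JSON output, and the sample records themselves are constructed, not real logs.

```python
import json
import sys
from typing import Any, Dict, List

# Constructed sample records (not real log data), laid out the way an
# evtx_dump-style Rust parser emits them: one JSON object per record,
# XML attributes under "#attributes", and elements that carry both
# attributes and a value as {"#attributes": {...}, "#text": ...}.
# This layout is an assumption about the parser output, not taken from the post.
SAMPLE_EVENTS: List[Dict[str, Any]] = [
    {"Event": {
        "System": {
            "Provider": {"#attributes": {"Name": "Microsoft-Windows-Security-Auditing"}},
            "EventID": 4624,
            "Channel": "Security",
            "Computer": "WS01.example.test",
            "TimeCreated": {"#attributes": {"SystemTime": "2023-05-01T10:15:30.123456Z"}},
            "EventRecordID": 1001},
        "EventData": {"TargetUserName": "alice", "LogonType": 10, "IpAddress": "10.0.0.5"}}},
    {"Event": {
        "System": {
            "Provider": {"#attributes": {"Name": "Microsoft-Windows-Security-Auditing"}},
            # An EventID that carries a Qualifiers attribute is serialised as an object
            "EventID": {"#attributes": {"Qualifiers": 0}, "#text": 4625},
            "Channel": "Security",
            "Computer": "WS01.example.test",
            "TimeCreated": {"#attributes": {"SystemTime": "2023-05-01T10:16:02.000000Z"}},
            "EventRecordID": 1002},
        "EventData": {"TargetUserName": "alice", "LogonType": 10, "Status": "0xc000006d"}}},
    {"Event": {
        "System": {
            "Provider": {"#attributes": {"Name": "Microsoft-Windows-Sysmon"}},
            "EventID": 1,
            "Channel": "Microsoft-Windows-Sysmon/Operational",
            "Computer": "WS01.example.test",
            "TimeCreated": {"#attributes": {"SystemTime": "2023-05-01T10:16:05.500000Z"}},
            "EventRecordID": 77},
        "EventData": {"Image": "C:\\Windows\\System32\\cmd.exe",
                      "CommandLine": "cmd.exe /c whoami", "User": "WS01\\alice"}}},
]

# One record per line, plus a deliberately broken line to exercise error handling.
SAMPLE_JSONL = "\n".join(json.dumps(e) for e in SAMPLE_EVENTS) + "\nthis is not json\n"


def scalar(value: Any) -> Any:
    """Unwrap {"#attributes": ..., "#text": x} to x; pass plain values through."""
    if isinstance(value, dict):
        return value.get("#text")
    return value


def attr(node: Any, name: str) -> Any:
    """Read an XML attribute from a parsed element, tolerating missing nodes."""
    if isinstance(node, dict):
        return node.get("#attributes", {}).get(name)
    return None


def flatten_event(record: Dict[str, Any]) -> Dict[str, Any]:
    """Turn one parsed EVTX record into a flat document for Elasticsearch."""
    event = record["Event"]
    system = event.get("System") or {}
    return {
        "@timestamp": attr(system.get("TimeCreated"), "SystemTime"),
        "winlog": {
            "event_id": scalar(system.get("EventID")),
            "channel": system.get("Channel"),
            "computer_name": system.get("Computer"),
            "record_id": system.get("EventRecordID"),
            "provider_name": attr(system.get("Provider"), "Name"),
        },
        # EventData is null for records without a payload; keep the key so the
        # Elasticsearch mapping stays stable across documents.
        "event_data": {k: scalar(v) for k, v in (event.get("EventData") or {}).items()},
    }


def convert_jsonl(text: str) -> List[Dict[str, Any]]:
    """Parse JSON lines from the Rust parser; skip and report malformed lines
    instead of aborting the whole import."""
    docs = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            docs.append(flatten_event(json.loads(line)))
        except (ValueError, KeyError, AttributeError) as exc:
            print(f"line {lineno}: skipped ({exc})", file=sys.stderr)
    return docs


def to_ndjson(docs: List[Dict[str, Any]]) -> str:
    """Serialise for Logstash's json_lines codec (one document per line)."""
    return "".join(json.dumps(d, separators=(",", ":")) + "\n" for d in docs)


if __name__ == "__main__":
    # Usage: evtx_dump -o jsonl Security.evtx | python evtx2ndjson.py | nc logstash 5000
    # (logstash listening with a tcp input and codec => json_lines)
    source = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_JSONL
    sys.stdout.write(to_ndjson(convert_jsonl(source)))
```

Two details matter in practice: `EventID` is not always a number (records with a `Qualifiers` attribute arrive as an object, and a naive `EventID` mapping in Elasticsearch will reject them), and a single malformed line from a partially corrupted EVTX file should not abort an import of millions of records, so the converter skips and reports such lines rather than failing.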

Posted in All day events, Security, Threat Analysis