
Office 365/Azure Pentest Tools
I’m not going to talk about these… yet… and there’s duplicates because I think it’s useful to see where they can be used in different scenarios. Expect this list to grow!
Read more “Office 365/Azure Pentest Tools”I’m not going to talk about these… yet… and there’s duplicates because I think it’s useful to see where they can be used in different scenarios. Expect this list to grow!
Read more “Office 365/Azure Pentest Tools” →Whilst conducting security testing and assurance activities, I went looking to show logon events in Office 365. My first query was on IdentityEvents, this led to a view of a multi month attack by a threat actor/s against a tenent, followed by exploring the rabbit hole of logs and computer systems. This blog summarises some of the methods and findings when considering threat hunting and authentication defences for Office 365. (bear with me I am tired so this might need a bit of a tune up later!)
Read more “Defending Against Direct Authentication Attacks in Microsoft Office 365” →I’ve been working with all kinds of different organisations over the years, and I keep running into similar scenarios. The current state of the majority of organisations security postures are simply (as a broad-brush statement) far riskier than they need to be.
Conversely there are a range of common challenges I find in almost every org:
Read more “The Cyber Acid Test” →Everyone has a plan until they are cyber punched in the face! Or something like that!
People seem to have this misconception that you need to “do a pentest” or some other project based activity to do “security testing” or response planning.
Let’s be real here, you really don’t. But what you do need is a few things:
A winning cyber security strategy should have several key components.
First, it should involve a thorough assessment of your organization’s current security posture, including identifying any potential vulnerabilities or weaknesses. This assessment should be ongoing, with regular updates to ensure that your security measures are keeping pace with the evolving threat landscape.
Read more “What is a “Winning Cyber Security Strategy”?” →A mRr3b00t Adventure
Join me on an adventure of rambling and exploring the idea that you can in fact not lose the security leadership game! This blog is WIP, it’s just my brain wondering around the question of: can we win the in the face of a seemingly insurmountable force? What do we do as a security leader to protect ourselves and the organisation? How do we start?
Read more “How to not lose your job as a CISO” →I am seeing lots of “debate” about the value in red teaming, so I thought I would put together my thought process of how I look at as a broad stroke when I consider a generic starting position in an organisation. When I’m defending a business, I tend to ask myself (and the team/customers etc.) these kind of questions (they are not exhaustive):
Read more “Red Team Readiness Assessment” →I am not a legal export! Haha get used to saying that a lot if you work in cyber and are not in fact a legal expert! I wanted to put together a list of common laws that people should be aware of when doing business in the UK, it’s just a starter for 10 and there are likely others, but this should get people started for their security awareness and security policy documentation:
Read more: UK laws and cyber security considerations for businesscan you think of any others that I should add?
Thanks Gary and Kevin and the other AVIS I can’t name for inputting!
I wrote this in 2018 and don’t believe it ever made it to the interwebs, so I’m basically posting as is with an extra section for some useful links! Hopefully it still stands the test of time!
Risk assessments are complex, they require cross domain knowledge and generally do not deal in absolutes. Threats, vulnerabilities and asset intelligence is combined, weighed and assessed, leading to the construct of a risk assessment document. It can be easy to overcomplicate this process, which in turn (in my experience) often leads to far wider reaching consequences (the business starts to bypass security management or take short cuts), so I thought I would write a short post to clarify what I’ve seen work out in the field. So, to start with let’s try and align on what exactly a risk is.
Read more “Information Security Risk Management “ →How an organization approaches the challenge of technology and security management, well that’s the difference between leveraging technology to deliver value efficiently and effectively vs technical debt and inefficient deployment of technology which may hinder the organisation in its pursuit of its mission.
When we consider how technology is managed, we need to look at it from multiple viewpoints with different views:
Read more “Organisational Approach to Technology and Security” →