Look, I will tell the truth, as I heard about threat intelligence integration, I thought that it was one of those type of buzzwords security vendors use to market costly software. Thereupon I read about the actual practice of the…
Why, I have sat too many late nights at security dashboards seeing them light up like Christmas trees. I imagine you have had that experience when an alarm triggers at 2 AM, and you are trying to determine whether it…
Well, truthful enough, at first, when I heard about AI that handles security incidents by itself, I thought that it sounded like a sci-fi story. I say, computers making judgments to isolate your network or destroy credentials without any human…
Ok, I will tell the truth, when I first heard about zero-day vulnerabilities I thought that my attention would be somewhat as follows: how do you call on the defense against something you are not aware of at all? It…
See, I have been becoming a real student of the role of machine learning over the past few months, and how it affects the detection of threats that the previous security measures fail to detect. Initially I believed that anomaly…
Well, I wasted three weeks reading about AI threat detection systems since I continued to read headlines that involved AI-powered security and literally thought that most of this was marketing nonsense. It happens that I was half correct–there is hype,…
Introduction I quickly recall when I first had to view a SOC analyst who manually had to triage hundreds of security alerts. It was late, 2 AM, and they were taking their third energy beverage, and one-third or so of…
I have leaked an API key to GitHub previously. Sat up spent Sunday panicky turning credentials and reviewing access logs. The error saved me a whole library on API authentication than any tutorial would. Authentication is no longer an option…
I have created enough systems to authenticate to know that within the current state of things, tokens have been omnipresent, and the vast majority of developers are not adequately informed of the existence of the underlying mechanics. Another incident that…
I do not come here to preach you about password security. You’ve heard it all before. However, this is one of the things that can actually catch your eye, which is the possibility of enabling Multi-Factor Authentication (MFA) that can…
You see, I wasted much too much time not understanding these three protocols before it dawned on me. Everybody throws round “SAML” and OAuth and OpenID connect like they are similar, yet they are not. All of them address a…
I have more than 20 years of experience in logging to websites, and I would honestly say that I did not think much about how bad passwords were until I began to notice how authentication is actually implemented. The process…