Aug 3, 2021
Security Onion CrowdStrike Connector Installation
Overview: Security Onion 2.3.60+ supports Elastic's Filebeat for the ingestion of specific logs (see https://docs.securityonion.net/en/2.3/filebeat.html). This document describes how to install and configure the Filebeat CrowdStrike module to collect and ingest logs from CrowdStrike Falcon endpoint agents. Filebeat CrowdStrike module documentation: https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-module-crowdstrike.html
3 min read
May 25, 2021
How to build a Security Onion Sensor in GCP
Introduction
Cybersecurity | 10 min read

Nov 3, 2019
The challenges with SIEM.
Not that long ago, Security Information and Event Management (SIEM) was touted as being the answer to all security ills. Amazing visibility with correlated events telling you everything you need to know about your estate while minimising false positives. …
Security | 7 min read

Nov 2, 2019
No sound after using HDMI in Ubuntu
It's 10 to 11 at night. Phone rings. I answer. "Hi, I need your help", said a familiar voice, "I've lost all sound from my laptop and I've been trying since 8pm to get it to work." … It's now 2.30 in the morning and we've fixed the problem. The fix…
Ubuntu | 3 min read

Aug 12, 2019
To MSSP or not to MSSP…. Is that a question?
Organisations, large and small, can't ignore cyber security these days. The news is full of the latest breaches. Gone are the days when a few breached records or the occasional petty fraud hit the headlines. Even the loss of details of EVERYONE in Bulgaria didn't get much attention and (allegedly)…
Cybersecurity | 7 min read