HackDig : Dig high-quality web security articles for hackers

[SANS ISC] Suspicious Endpoint Containment with OSSEC

I published the following diary on isc.sans.edu: “Suspicious Endpoint Containment with OSSEC”: When a host is compromised/infected on your network, an important step in the Incident Handling process is the “containment” to prevent further infections. To place the device into a restricted environment is definitively better than power
Publish At:2020-09-17 08:05 | Read:173 | Comments:0 | Tags:OSSEC SANS Internet Storm Center Security Incident SANS ISC

Tracking SSL Issues with the SSL Labs API

The SSL and TLS protocols have been on the front of the stage for months. Besides many vulnerabilities disclosed in the OpenSSL library, the deployment of SSL and TLS is not always easy. There are weak cyphers (like RC4), weak signatures, certificate issues (self-signed, expiration or fake ones). Other useful features are misunderstood and not often not con
Publish At:2015-06-09 21:00 | Read:4329 | Comments:0 | Tags:Security Software Uncategorized API OSSEC SSL

Playing with IP Reputation with Dshield & OSSEC

[This blogpost has also been published as a guest diary on isc.sans.org] When investigating incidents or searching for malicious activity in your logs, IP reputation is a nice way to increase the reliability of generated alerts. It can help to prioritize incidents. Let’s take an example with a WordPress blog. It will, sooner or later, be targeted by a
Publish At:2015-06-09 21:00 | Read:5808 | Comments:0 | Tags:Logs Management / SIEM OSSEC Security API IP address Reputat

