Tweetovi
- Tweetovi, trenutna stranica.
- Tweetovi i odgovori
- Medijski sadržaj
Blokirali ste korisnika/cu @vector_sec
Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @vector_sec
-
Alright
#aws systems manager (ssm) users.. anyone know a way in your SSM document to dynamically reference the EC2 instance ID that your document is running on? For example, if I'm using AWS-RunPowershellScript how could I dynamically inject the instance ID into my script?Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Fun fact: The Cb Response live response "reg query" command will truncate registry key values without telling you. Wanna guess how I know?
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
If you're using Splunk and you aren't on the Splunk Usergroup Slack (http://splk.it/slack ) I highly recommend you reconsider. I've lurked in there for quite a while but just had several roadblocks on something I'm working on totally solved by some very smart people
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Got tired of losing the TV remote so we got a tile tracker for it. Tracker adhesive isn't strong enough and the tracker keeps falling off.. So.. I just gutted the remote and embedded the tracker inside it
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
IMO this commuity would not be about profits or products but about just sharing with each other what we want to share publicly today but chose not to anymore because it is too risky. The vendors running the community should view it as a public service and not a selling point 5/5
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I kinda wish that the vendors in the Infosec industry would come together and build a invite only commuity for verified defenders that are vetted by way of being a customer of one of the companies and/or by membership in an industry ISAC. 4/n
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I think defenders capable (both in skill and resources) to leverage OST to improve their defenses are coming out better off because of OST, but the teams that can't are literally seeing their risk profile increase because the barrier to entry to attack them has been lowered 3/n
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
But I can totally see how a defender or heck just a regular Sysadmin could look at OST and think of what a mess it will create for them when they get rolled by some random crew with some OST someone released publicly. 2/n
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
My take on OST: as a defender in an organization that has budget and people that care enough about security that I can use OST to demonstrate why we need XYZ, I appreciate that OST being publicly released frees me from having to develop tooling myself to test my defense with. 1/n
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
I know I can fix this with the same sourcetype modification on the indexers. Our env has some shared infra so it's a lot easier for me to modify a sourcetype on my UFs than the indexers themselves. Just whining about the amount of sourcetype options that work from UF.
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Splunk, UF, and Timezones. Me: I know this data is coming into the system in EST, I'll just add the TZ to the sourcetype on this Splunk UF and it'll handle it nicely. Indexer: Looks like UTC to me. Search Head: There's no data in this index in the last 60 minutes. Me:
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Nothing says Friday night fun like your toddler falling down and standing up screaming with a mouthful of blood.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Has anyone dealt with deploying security monitoring agents to 100+ cloud accounts (AWS, Azure, GCP, etc) and kept effective tabs on which agents belong to which account for things like agent config and upgrade rollouts? What worked well? What didn't? Replies or DMs welcome!
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Information security for the business, demystified: Secure Fast Cheap Choose two.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Happy Monday! My ETW modular input for Splunk, TA_ETW, is now available on Splunkbase https://splunkbase.splunk.com/app/4777/
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Hey
@heipei, did the structure of API responses from http://urlscan.io change recently? Seems like the gsb key under meta:processors has stopped showing up. A 3rd party tool I'm using is a little brittle and doesn't like that gsb key to be missing
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Eric proslijedio/la je Tweet
We need a memorial to the unknown blue teamer. Hey you, yes you; the person changing firewall rules, patching the 22nd system out of 100, dealing with layer8 shenanigans... You're loved & appreciated. You don't need to be popping shells for glory. The work you do matters.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Dear IT Vendors of the World, If you cannot spell my organization's name correctly, your sales email immediately gets deleted. Just saying.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Here's the same parameter on New-AdminAuditlogSearch https://docs.microsoft.com/en-us/powershell/module/exchange/policy-and-compliance-audit/new-adminauditlogsearch?view=exchange-ps …pic.twitter.com/2K8GlWKLv2
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi -
Right now it says it is for internal use only. I tried to give it an email address to see what would happen and it did nothing
pic.twitter.com/OojUvGCrpB
Prikaži ovu nitHvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.