Posts tagged Komand

3 min Komand

A Framework for Selecting and Implementing Security Tools Today

Security products are often purchased to either mark a compliance checkbox, have the newest, shiniest tool on the market, or because of a great vendor pitch, but those reasons don’t support a strategic approach to security posture. With so many technologies out there today, we put together a simple and straightforward framework you can use to make signal out of noise and select the technology that fits your unique needs. 1. Hire People First A big misstep that many organizations make is pickin

2 min Komand

Some of Our Favorite #BadDefconAdvice Tweets

We didn't get the opportunity to attend Def Con this year. But with a hashtag like #BadDefconAdvice, we feel like we're kind of there in spirit. Many suggestions are simply security no-nos to begin with. Others are entertaining, to say the least. So, we compiled a list that made us laugh, cry, and even cringe a little. Here are some of our fave tweets so far (with commentary!✨): > make sure to wear a hoodie, for fellow hackers to recognize you #BadDefconAdvice [https://twitter.com/hashtag/BadD

10 min Komand

Building a Simple CLI Tool with Golang

Go offers a simple way to build command-line tools using only standard libraries. So I put together a step-by-step example to help walk you through the process. To write a Go program, you’ll need Go set up on your computer [https://golang.org/doc/install]. If you’re not familiar with Go and want to spend a little extra time learning, you can take the Go tour [https://tour.golang.org/welcome/1] to get started! In this example, we’ll create a command-line tool called stringparse, that will cou

4 min Automation and Orchestration

Bro Series: The Programming Language

Synopsis: Bro [https://www.bro.org/] is a network security monitoring platform. The reason for calling it a platform is due to the fact that Bro is a domain specific programming language and a collection of tools and APIs. Together, they comprise a platform for network monitoring. In this article, we will attempt to solidify the fact that Bro is a language by using it as such. Data Types The Bro scripting language supports the following built-in types [https://www.bro.org/sphinx/script-reference

4 min Komand

Automate User Provisioning and Deprovisioning with Security Orchestration and Automation

Managing user permissions is a critical process all organizations should be able to do quickly and effectively in order to respond to a variety of security threats. In reality, most companies aren’t able to provision or deprovision user accounts fast enough when such a threat arises — putting their organizations at risk. While many enterprises make use of single sign-on (SSO) solutions to help protect user accounts, increasingly, SaaS and other third-party applications that don’t support SSO ar

8 min Komand

Defender Spotlight: April C. Wright of Verizon Enterprise Services

Welcome to Defender Spotlight! In this weekly blog series, we interview cybersecurity defenders of all varieties about their experience working in security operations. We’ll inquire about their favorite tools, and ask advice on security topics, trends, and other know-how. Today, we're talking with April Wright. She is currently working for Verizon Enterprise Services as a Security Program Lead, and is a fellow lover of security defenses. April is devoted to teaching, creating, learning, and he

4 min Komand

How Security Orchestration Can Stop Insider and Outsider Attacks

Running a successful security operations center [/4-experts-explain-the-best-strategies-for-a-successful-security-operations-center] (SOC) is a tall order. It requires assembling an ideal mix of people, processes, and tools [/the-importance-of-investing-in-people-before-tools-in-cybersecurity], and connecting them in ways that make it possible to respond to threats fast while also maintaining a strategic overall security posture. One of the best ways to make sure that a SOC runs seamlessly is

2 min Komand

How to Build a Powerful Cybersecurity Arsenal with Free & Open Source Tools

Whether you're creating a security program on a budget or building a security operations center with cost-effectiveness in mind, we believe having the right people, processes, and tools—in that order—is essential to an effective security posture. We’ve talked before about how finding the right people and assembling your security team first [/2016/07/07/the-importance-of-investing-in-people-before-tools-in-cybersecurity/] is a smart move. Today, we want to talk about the “tools” part of the equation

7 min Komand

Making Bug Reporting Easier with AWS S3 and AWS Lambda

Getting users to submit bug reports can take time, energy, and thus requires a strong desire for the consumer to act upon. For developers, it means that it may take more time to be notified of a bug. Not everyone is a power user who will report odd things, especially those that are not mission critical. Here at Komand, we came up with a neat little solution to make reporting bugs easier for our users. To do this we must take some of the work out of the reports. Tasks such as bug notifications (

8 min Komand

Quick security wins in Golang (Part 1)

We all know security is hard. Let’s walk through some basic security principles you can use to get your Golang web application up and running securely. If you just want to see the code, check out the application on Github: Golang Secure Example Application (gosea) [http://github.com/komand/gosea]. Recently, I gave a lightning talk on using Golang middleware to implement some basic security controls at the Boston Golang Meetup [http://www.meetup.com/Boston-Go-lang-User-Group/]. This post will i

4 min Komand

A Guide to Defending Pokemon Go Gyms: Lessons from Cybersecurity

You’ve probably heard of this Pokemon Go thing. We recently featured the game in our latest newsletter, and have since been running around like PokeManiacs trying to catch ‘em all. While discussing our Komand group strategy (Yes, we’re playing as a team 😅), we couldn’t help but notice parallels between Pokemon Go and cybersecurity. In particular, we see strong correlations between gym defense and cyberdefense. For those that aren’t privy, the goal of Pokemon Go is to collect and train as many

9 min Komand

Local Cybersecurity Meetups Near You

Here at Komand, we understand the importance of being part of a community [https://komunity.komand.com]. Not everyone can afford the cost or time commitment necessary to attend large conferences. But that shouldn’t stop you from staying current, connected and active with the security community. Think local meetups: easy access, inexpensive, and in a relaxing environment with familiar faces. Recently, we featured US Cybersecurity Conferences [/2016/06/22/us-cyb

3 min Komand

The Importance of Investing in People Before Tools in Cybersecurity

As more and more point solutions crowd into the security market [http://www.securityweek.com/enterprise-security-being-weighed-down-point-solutions], many companies are adopting a tools-first approach to security operations. And while tools are important, investing in technology before people can cause big problems. Without the right people at the helm able to select and then use the tools, most security products end up in the security tool graveyard—unconfigured, unoptimized, unuseful. In to

9 min Komand

The Best Strategies for a Successful Security Operations Center Explained by 4 Security Experts

The threats we all hear about today aren’t new. They also aren’t going away, but they are evolving. Hackers have existed for many years, and so too have our defenders. What has and is changing is the tactics used to defend against increasingly complex threats. And it’s on our security operations centers (SOCs) to batten down the hatches and sound the alarms, but are they enabled and prepared to do so? While we have many ideas on how security automation [http://www.komand.com] is the next genera

5 min Automation and Orchestration

AWS Series: Creating a Privoxy, Tor Instance

Synopsis: If you want to increase your privacy or perform security research with Tor [https://www.torproject.org/], Privoxy [http://www.privoxy.org/], etc., a virtual server is an excellent choice. I’m using Amazon EC2, which provides a year's worth of a VM with limited resources for free. A few benefits are listed below: 1. Low cost 2. Access from just about anywhere 3. Low resource allocation 4. Easy to spin up Creating the Cloud Instance: After logging into your Amazon cloud account select