Posts tagged Komand

5 min Automation and Orchestration

Introduction to BlockChain

Synopsis Blockchain is an innovative crypto technology that enables the way forward for many systems and industries, with financial industry being the immediate beneficiary. Fairly recent, even by technology industry standards, it started off as underlying implementation for the cryptocurrency bitcoin but has surpassed bitcoin in its acceptance and relevance. It has taken a life of its own as a technology of choice for distributed, decentralised, consensus systems. This tutorial looks at blockch

2 min Komand

A Year in Review: Our Top 5 Komand Tech Blog Posts in 2016

Here at Komand, we get revved up about the technology we use. As we use tech from our stack [/2016/09/21/the-komand-tech-stack-why-we-chose-our-technology/], we learn more in-depth knowledge but sometimes run into challenges. Some of these challenges our developers have faced aren’t always clear cut, or there hasn’t always been an answer easily available online. So we set aside time to share what we’ve learned in these scenarios. Here are the top tips, tricks, and tutorials on what we’ve learne

3 min Komand

A Year in Review: Our Top 7 Security Operations Blog Posts in 2016

Over the past year, Komand has grown as a company along with the cybersecurity community. One of the many ways we have been able to do so is by providing a constant stream of blog articles, where we’ve shared our experiences to help security teams be more efficient and effective. It’s a pleasure to provide our community with ways to enhance and improve security within an organization. So much so that we look forward to all we will do in the upcoming year. But first, these blogs have proven to b

1 min Komand

A Recap of the Inaugural Komand Demo Webinar

We recently hosted our first ever live demo webinar, and wanted to share a bit of what was discussed and presented. Komand was founded as a catalyst to a problem in security operations. Founder and CEO Jen Andre, who comes from an extensive background in cybersecurity, saw how overwhelmed security teams were. Her experience helped her to identify targeted solutions to these common and unique problems in the field: * Too many alerts, not enough time * Manual, time-intensive process * Uninteg

6 min Automation and Orchestration

Cybersecurity careers and the certifications needed

Synopsis Cybersecurity has become one of the top sought after careers in the Information Technology field.  Careers ranging from an ethical hacker to a security auditor.  With so many options to choose from, where do you start to pursue such a purposeful and exciting future?  I will explain some of the top certifications that are offered and what fields they are associated with. Institutes and their certifications International Information Systems Security Certification Consortium, Inc. (ISC)2

5 min Automation and Orchestration

Inspecting Network Traffic with tcpdump

Synopsis Tcpdump, as the name suggests, captures and dumps(writes) the network traffic passing through a given server’s or node’s network interfaces . It is a classic command line tool written in 1987 and remains one of the most powerful tools for analyzing network traffic. Many options and filters available in the tool makes it easier to slice and dice the data. The data then can be used by network administrators and enthusiasts for many purposes such as, security & forensic analyses, trouble s

5 min Automation and Orchestration

How to Install OpenVPN on Windows

Synopsis With the growth of online privacy and security concerns, as well as people wanting to work around geo-restrictions, VPNs are becoming much more mainstream. They no longer rest in the realm of security professionals and the overly paranoid. OpenVPN is the most secure VPN protocol you can use and this guide will teach you what it is, as well as how to install it on Windows. If you are looking to install OpenVPN on another operating system, visit their website [https://openvpn.net/index.

3 min Komand

3 Steps for Effective Information Security Event Triage [Infographic]

Before you jump into action when a security alrm sounds, you need to first assess what happened. Pulling together the details of the event will help you determine if there is a real security incident, and if so, how you will need to respond. But often in the frenzy of security alerts, we get caught up in processes or start jumping to conclusions without enough info. This can lead to a haphazard incident response. From my experience, there's a simpler way; one that is efficienct, not bogged dow

4 min Automation and Orchestration

Burp Series: Intercepting and modifying made easy

Synopsis As a penetration tester I have many tools that I use to help with web application testing, but the one tool that never lets me down is Burp suite by portswigger.  Burp suite is an intercepting proxy that allows you to modify and inspect web traffic, it comes in two flavors, free and paid.  The free version is powerful enough to assist any pen test engineer, whereas the paid version will add extra features to make your tests go smoother and faster. I am going to walk you through the beg

7 min Komand

How to Render Components Outside the Main ReactJS App

We use React here at Komand as one of our core libraries in our front-end applications and while it does a great job of abstracting away the code for managing the DOM, sometimes that can be problematic. With React, you have JSX which is just XML sugar for declaring what DOM elements you want React to render. React just renders the elements where they are defined within the JSX. For example, this JSX… <div className=“content”> Content <Modal> I’m a modal </Modal> </div> ... would res

6 min Automation and Orchestration

Introduction to Honeypots

Synopsis With an ever-increasing number of methods and tactics used to attack networks, the goal of securing a network must also continually expand in scope. While traditional methods such as IDS/IPS systems, DMZ’s, penetration testing and various other tools can create a very secure network, it is best to assume vulnerabilities will always exist, and sooner or later, they will be exploited. Thus, we need to continuously find innovative ways of countering the threats, and one such way is to depl

7 min Komand

SOC Series: How to Make a Security Operations Center More Efficient

You have your security operations center (SOC) in place, now what? Creating a SOC is not a cheap undertaking, so to be sure your investment in people and resources pays off, your next task is to make it as efficient as possible. Efficiency drives time-to-response, and with intrusion detection and incident response, optimizing for this metric is crucial. Over the long term, it also becomes more cost-effective. I’ve seen the good, the bad, and the ugly during my time working as an analyst in a

5 min Komand

Early Warning Detectors Using AWS Access Keys as Honeytokens

Deception lures are all of the rage these days [http://blogs.gartner.com/anton-chuvakin/2016/11/21/our-applying-deception-technologies-and-techniques-to-improve-threat-detection-and-response-paper-is-published/?utm_content=buffera88d3&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer] , and when deployed properly, are extremely low overhead to maintain and trigger little to no false alarms. Honeytokens, closely related to honeypots, are ‘tripwires’ that you leave on machines and data

4 min Komand

Adding Proactive Components to Your Incident Response Process

Effectiveness in security operations is a common theme these days. Often, security teams already have a long list of ways to optimize their current programs and processes, but not enough time to endlessly fiddle with the details. Choosing methods to boost effectiveness usually comes down to scale of impact and, ultimately, priority. One high visibility way to improve your response times, and, as a result, the success of your team is by shifting from a reactive security posture to a proactive on

3 min Komand

3 Signals Your Security Workflows Are Inefficient

When valuable time is spent on mundane tasks, it means that there isn’t enough for strategic planning or timely response to security events and incidents. That’s how threats go unnoticed and vulnerabilities remain open for days, weeks, or months at a time. With the cost of a data breach averaging $4 million [http://www-03.ibm.com/security/data-breach/], this can’t be ignored. Every security team worth its salt wants to: * Prove their value by doing high-value and strategic work, and; * Catch