It’s the most pentested time of the year
With the CIO knocking and auditors flocking to be in the clear
It’s the most pentested time of the year.
Last HaXmas, I gave you my PIN
But without 2FA, you gave it away
This year, to save me from theft
I’ll hold on to my credentials.
Fatal, fatal, fatal
My data went away
The OS was unsteady
Oh fatal is my day.
I don't want IOCs for HaXmas
There is just one thing I need
Something to find threat’ning behavior
And report it in a feed
I just want to be shown
Potential threats, some unknown
Please make my wish come true
All I want for HaXmas is UBA.
Jingle bell, jingle bell, jingle bell SOC
Powershells swing and red alerts ring
Hunting and searching, the work's never done
Now the triaging has begun.
I saw DevOps search their asset logs
Analyze and track them through the night
Oh, what a laugh it would have been,
If IT had only seen DevOps searching asset logs last night.
My network got run over by a hacker
Pwning hard from his house HaXmas eve
You can say there's no such thing as 0Days
But as for me and SecOps, we believe.
Through the years the hackers have grown stronger
Let your pings be light
From now on your logins will be right in sight
So, have yourself an alert-free holiday tonight.