Thoughts, stories and ideas on cyber security

Telemetry and Modern Workspaces: A Three-Headed Hound

Telemetry and Modern Workspaces: A Three-Headed Hound

Telemetry for cyber security is currently at a crossroads. While past methods have been efficient by being based on network monitoring, the

Indicators: Our Worst Nightmare?

Indicators: Our Worst Nightmare?

Over what have become some years, cyber security professionals have been working on optimising the sharing of information and knowledge. A l

Taking GRR 3.1 RC for a Spin

Taking GRR 3.1 RC for a Spin

For those of you who didn't get the memo, Google announced the immediate availability of Google Rapid Response server 3.1 RC at yesterdays m

A Novel Way of Detecting Malicious PDF Documents

A Novel Way of Detecting Malicious PDF Documents

For some time now the Portable Document Format standard has been a considerable risk in regard to corporate as well as private information s

Social Network Analysis and Object Attribution with Maltego 3

Social Network Analysis and Object Attribution with Maltego 3

I wrote this article with a fellow student of mine, Petter. Social Network Analysis (SNA) is getting more and more widespread now that onlin

A Graph Experiment with Threats and Incidents

I currently maintain this threat database, and up until now I've generated the graph data for d3 using queries, and a lot of logic, in a MyS

Graphs at Scale, Titan-Rexster: Gephi Visualization Options

Following up on my post yesterday, I have also been looking at graphs the other way - from a scalable database to a manageable graph involvi

Simple Rexster Graph Setup

Graphs is by no question an important step in regard to structure large datasets in more meaningful ways. I figured that many won't have the

A Check-in on The Progress of Google Rapid Response

6 months have gone by since I first experienced Google Rapid Response (GRR), and GRR is still a pretty amazing concept and tool. The platfor

Cleaning Up The Google Rapid Response Inventory

This post is inspired from Google Rapid Response (GRR) issue #49, and is relevant if you do testing against a GRR server instance for cleani

The PCAP Format in a Hadoop Ingestion Perspective

A cluster is a really powerful tool to handle all of your data. If you think along the lines of using Hadoop for network monitoring for inst

From Traversing With Gremlin To A Python/JSON Tree

Dropping you guys a small note about a problem I've been working on. I figure this will help someone in the future. Let's say you have this

Booting a Mac Mini (OCT 2014) with Debian 8.0

Booting a Mac Mini (OCT 2014) with Debian 8.0

There are a lot of guides on booting Linux on an Mac Mini, and the Mac Mini is absolutely great. There's also a lot of guides which takes so

Migration in Progress!

Migration in Progress!

Due to a lot of performance issues with Wordpress I'm bringing this thing to a new platform. The content is coming over too, I'm just making

Hortonworks Brings Indexing and Search to HDP2.2

Hortonworks Brings Indexing and Search to HDP2.2

Bet you’ve heard about the new Hortonworks Data Platform 2.2, right? If you haven’t I have some good news for you – it comes preloaded with

Search All The Maltego Graphs

I've previously been writing on how to read and process Maltego mtgx graph archives. When you start to get a directory with a lot of them yo

Next