Discovering an OSSEC/Wazuh Encryption Issue
I’m trying to get the Wazuh agent (a fork of OSSEC, one of the most popular open source security tools, used for intrusion detection) to talk to our custom backendContinue reading
Is It Really Two-Factor Authentication?
Terminology-wise, there is a clear distinction between two-factor authentication (multi-factor authentication) and two-step verification (authentication), as this article explains. 2FA/MFA is authentication using more than one factors, i.e. “something youContinue reading
Making Sense of the Information Security Landscape
There are hundreds of different information security solutions out there and choosing which one to pick can be hard. Usually decisions are driven by recommendations, vendor familiarity, successful upsells, complianceContinue reading
Encryption Overview [Webinar]
“Encryption” has turned into a buzzword, especially after privacy standards and regulation vaguely mention it and vendors rush to provide “encryption”. But what does it mean in practice? I didContinue reading
Seven Legacy Integration Patterns
If we have to integrate two (or more) systems nowadays, we know – we either use an API or, more rarely, some message queue. Unfortunately, many systems in the worldContinue reading
Low-Code, Rapid Application Development and Digital Transformation
Recently, many low-code/no-code solutions have gained speed in the enterprise, giving non-technical people the option to create simple applications. Analysts predict that the low-code industry will grow by 20+% eachContinue reading
Six Things I Learned from Mr. Robot
Mr. Robot is an amazingly accurate series about a hacker (Elliot Alderson) and his, uhm, undertakings. The series is consulted by many cybersecurity experts and so every hack that happensContinue reading
Am I a Real Expert?
The other day I had a conversation with a scientist friend who said something along the lines of “yes, I work in that general field, but I’m not an expertContinue reading
An AWS Elasticsearch Post-Mortem
So it happened that we had a production issue on the SaaS version of LogSentinel – our Elasticsearch stopped indexing new data. There was no data loss, as elasticsearch isContinue reading
Where Is This Coming From?
In enterprise software the top one question you have to answer as a developer almost every day is “Where is this coming from?”. When trying to fix bugs, when developingContinue reading