Satisnet Ltd, Basepoint Innovation Centre, 110 Butterfield Great Marlings, Luton, Bedfordshire, LU2 8DL enquiry@satisnet.co.uk
+44 (0) 1582 434320
QRadar User Behavioural Analytics App (UBA) version 2.2.0

With the development of the UBA App Extension, IBM is providing a very useful method of exposing a wide variety of user activities that may be fraudulent or malicious.

QRadar Use Case Series: Part 3: Data Exfiltration Attempt Through Online Storage

Welcome back to the IBM QRadar use case series. I am going to give ‘User Activity Monitoring’ a break for some time and focus this particular post on ‘File Activity Monitoring’. Although the two are not that dissimilar, here we are identifying trends around directories and, in particular, files.

The KRACK Wi-Fi Security Weakness

Security researchers this week discovered a serious vulnerability in WPA2. WPA2 (short for Wi-Fi Protected Access II) is a security standard that secures all modern protected Wi-Fi networks. Mathy Vanhoef of imec-DistriNet discovered and published a flaw in WPA2 that allows anyone to break this protocol and intercept data travelling between your wireless device and the Wi-Fi network. This could be your photos, passwords, messages and so forth.

QRadar Technical Blog: HA and DR

People often question whether to use High Availability (HA) or Disaster Recovery (DR). In our view this is not really a valid question. The two techniques address different issues and probably the choice of “HA or DR” should be re-defined as “HA and DR”.

Protect your crown jewels – hardening access to Thycotic Secret Server

So, you have invested time and resource into Thycotic’s flagship product, Secret Server, in the understanding that all your privileged account information is secretly buried away, highly encrypted in a highly available MS-SQL cluster, redundant across all 5 continents.

A brief point on double standards…

Whilst trawling the internet for a blog topic, I came across a fascinating PoC attack showing a method by which a user could add a payload to Microsoft Excel/Word documents without the use of a macro. This exploited an inbuilt MS Office suite utility in order to run commands on an end-user machine.

Netflix Scam Emails

Netflix is a popular online movie streaming platform used by millions of users. As we know, online scams are becoming more complex, to the point where it is hard to trust company emails that arrive in our inboxes.

An Introduction to the ELKeBMWSC(Tn) Stack

ELK Stack is currently the preferred stack of software for DIY logging. It has been compared to the likes of Splunk, offering the incentive of being open-source. The ELK Stack is initially composed of three software packs: Elasticsearch, Logstash & Kibana.

Effective Cyber Hygiene - Breach Defense using Web Application Scanning

If you have been paying attention to the news lately, the name Equifax will have been on most IT professionals’ lips, for good reasons or bad. The primary point of entry for the attack and subsequent leak was an Apache Struts vulnerability, which Tenable wrote about way back in March.

Splunk 7 "What's New"

The new Splunk Enterprise 7 release marks “the end of meh-trics,” and delivers improvements in machine learning, as well as speed and scale improvements for analytics, monitoring and alerting.
