Blog
Deploy Elastic Agent with Microsoft Intune
In my previous story I shared how any organisation can go from having zero security visibility to having a wealth of contextual information in less than a day. In this article I’m going to share a small PowerShell script that can be used with any management tool to deploy Elastic Agent to a whole fleet of Windows systems. Using this tool, an administrator can easily deploy Elastic Agent to 10 or 1000 systems without breaking a sweat!
October 28, 2021
From Zero to Visibility in record time
With security, context is critical. To make a simple analogy, there is a huge difference between your wife holding a bread knife during the daytime and an intruder wielding that same knife in the dark of night. At Threatbear we help Aussie companies detect and respond to cybersecurity threats, and the workflow often goes like this: install an Osquery fleet server (~1 day); build the binaries and connect the endpoints (~1 day+)
May 28, 2021
Renaming multiple files
How to rename thousands of files with unique names using bash scripting.
February 27, 2019
Digital Ocean dictates what nodes you can add to their Kubernetes service
When one pays money to rent compute resources from another, it should be the customer — not the provider — that decides whether a system can run a workload or not. Simply put, I signed up for the Digital Ocean Kubernetes preview and it worked well. Super easy way to get started with Kubernetes and in my case a great way to run periodic jobs in a secure (using k8s secrets) and repeatable (defining my CRON job in a YAML file and ‘applying’ it to the cluster) way.
January 2, 2019
Using Amazon Athena to check if a password has been pwned
Check if passwords have been pwned using Amazon Athena and the HaveIBeenPwned dataset.
July 23, 2018
FTDI drivers on OSX wreak havoc with USB ports
In order to update the firmware on pycom.io’s Lopy development boards you need to install the FTDI Virtual COM port drivers (shasum b57377e10de1c8ae9ddaffa147e4cc529c3571b512bba4798b2b6054d4fabd92) for OSX. After an indeterminate amount of time, the left USB port on my Macbook Air stopped working properly. If I listed the USB devices on the system (system_profiler SPUSBDataType), the device would be listed, yet the device details would not be present (and would not work
September 6, 2017
Why you should choose Hashicorp Vault to store your secrets
Scattered secrets? Learn why Hashicorp Vault's secure & auditable approach is the smart choice for modern infrastructure.
August 29, 2017
Automate your DevOps environment with hyper.sh and a Yubikey
Hyper.sh containers make a great devops workstation for a number of reasons: you can shut them down when not in use, which saves money and also reduces the attack surface; Hyper.sh containers have a private Layer 2 segment which can be firewalled using security groups and which is not shared with other customers; and Hyper containers have better isolation than Docker containers (hardware isolation, just like a VM). However, starting your devops workstation every time you start the day is painful, which is why I created a little Python script that uses osquery to start up my workstation when I plug in my Yubikey.
August 16, 2017
Rackspace please add support for Slack notifications to Rackspace Intelligence
Want Rackspace alerts in Slack? Discover how this vital feature would streamline monitoring and improve team collaboration.
July 4, 2017