ISO/IEC 27001 for startups and small businesses
While ISO/IEC 27001 compliance certification is usually associated with enterprises, the standard is pliant enough to be adapted by…
Hannah Suarez, Jan 26, 2022

MITRE ATT&CK Conference 2019 — Recap
This is a repost of my original entry posted on my blog here.
Hannah Suarez, Nov 2, 2019

List of HKEY_* / Windows Registry keys and subkeys to audit based on MITRE ATT&CK (and more)
What is the MITRE ATT&CK Framework and JPCert Detecting Lateral Movements?
Hannah Suarez, Oct 13, 2019

Going beyond the obfuscation and on to the emitted events
Let’s say you have malware code, and it is obfuscating some sort of line such as below:
Hannah Suarez, Sep 3, 2019

Unifying Ingress Authentications — Lessons Learnt
This post is somewhat a followup to my previous post about collecting Windows ingress authentications and converting them to Rapid7…
Hannah Suarez, Aug 18, 2019

Collecting Windows Ingress Authentication Events using Rapid7 Universal Event Formats
In October 2018, Rapid7 released Universal Event Formats (UEF) as a way to allow event sources to make use of Rapid7 user behavior…
Hannah Suarez, Aug 4, 2019

Top sources for better Linux log collection with NXLog
If you have ever wondered which sources to start your Linux log collection, look no further than this entry. Below are some of the common…
Hannah Suarez, Jul 10, 2019

What are the top EventLog IDs and ID Groups to watch out for indicators of compromise or…
Here’s a list below.
Hannah Suarez, Jul 9, 2019