Pinned | Truvis Thornton | Connecting Linux to Microsoft Windows Server Active Directory for management and easy access —… | One of the many items people will ask me is: How do you manage your Linux machines in a Windows environment and can you add them to AD? | Jun 30, 2023
Pinned | Truvis Thornton | Sending OPNSense Syslog, Suricata, and Firewall logs into CRIBL Stream with GEO IP Tagging with log… | OPNSense is a great open source firewall, but it's not the most supported in some cases when it comes to sending its logs into SIEMs. In… | Jul 6, 2023
Pinned | Truvis Thornton | Commandline Auditing — Using different tools to security your Linux server and environments. | By default Linux does not offer or have any commandline auditing or logging, so you never know who did what, where, when and why. But there… | Jul 6, 2023
Truvis Thornton | Proxmox Backup Server: Securely create, configure and setup an optimized PBS for storing snapshots… | It should be noted that this does not backup the config of the host servers. While this is on the roadmap for Proxmox, just be mindful of… | Jul 7
Truvis Thornton | Azure Sentinel Workbook/Dashboard: PurpleTeam Event Viewing Dashboard — quickly threat hunt and… | Do you need a quick way to find and view events related to an exercise or an active attack? This dashboard allows you to quickly search… | Jun 29
Truvis Thornton | Microsoft Azure Sentinel 101: Update alert descriptions dynamically without limits — Unlimited… | In this article, we will walk through how to get more metadata and items into the alert description to help your analysis out with what… | Jun 14
Truvis Thornton | Microsoft Azure Sentinel 101: Automatically add TLP(Traffic Light Pattern) to Incidents with logic… | Depending on your environment, you may need to TLP tag all your content, and this walkthrough is a good way to do it. I'll only be going… | Jun 13
Truvis Thornton | Microsoft Azure Sentinel 101: Dynamically update and change Alert/Incident Severity — based on… | Depending on how you run your SOC, you may wish to drop Severity to help prevent going over SLAs, especially when an alert is not a threat… | Jun 13
Truvis Thornton | Proxmox Configuration: Change Proxmox Repository to Fix Update Error — TASK ERROR: command apt-get… | Details | Jun 3
Truvis Thornton | Part 2: Threat Detection Engineering and Incident Response with AuditD and Sentinel — Combine… | NOTE: This article is based off the following: | May 27