Adarma Tech Blog

Introduction

I’m Mike, and I’m a Security Consultant with Adarma. One of my principle responsibilities is to work with some of the UK’s (and world’s)…

A look at DNS based red team tools from a blue team perspective.

The end of static thresholds. No ML.

Windows event IDs have a great capability for threat detection and hunting. Here’s some of the top IDs to look for based on experience.

The first time I heard the term “women in science” was during the induction week organised from Edinburgh Napier University. I did not…

Getting started with the MITRE ATT&CK Framework can be a little intimidating, especially when implementing on an existing enterprise…

Threat Hunting with Splunk, Mordor, and DeTT&CT

An introduction into securing GCP with Forseti

Current Splunk instances have a configuration issue that needs to be mitigated before the end of 2019.

Automating the collection and ingestion of forensic data into Splunk.

A tutorial using Splunk’s KV store to mask sensitive data (PII) with the ability to unmask based on access control.