If at first you don't succeed; call it version 1.0
@CyberSift we're big fans of monitoring DNS. While there are malware campaigns out there which communicate directly with hard coded IP addresses, monitoring DNS is a good strategy for keeping tabs on what's going on in your environment. When it comes to monitoring windows hosts, Sysmon is an absolute must. There's tons of information out … Continue reading Monitoring DNS requests with PowerShell
The problem Several network devices (especially Cisco) tend to use netflow for auditing network connections. It would be useful to log these connections in a structured data store (Elasticsearch is my data store of choice). Alternative Solutions Using the elasticsearch netflow module: https://www.elastic.co/guide/en/logstash/current/netflow-module.htmlThis works well right out of the box, and supports all netflow versions. … Continue reading Consuming Netflow using NiFi
The problem Given the following code: type User struct { gorm.Model Username string Orders []Order } type Order struct { gorm.Model UserID uint Foobar string } The above Golang code defines a "Has Many" association, leading to a schema where a "User" "has many" "Orders", with the "user_id" key acting as a foreign key. How … Continue reading Lessons Learned: GoLang GORM – filtering associations
Problem - What are we trying to solve? Let's assume you have the beginnings of a simple distributed system: You use redis as your event queueYou have a "master" python script that pickles a python class, and sends it to your redis queueYou have a "worker" python script that waits for a new event, unpickles … Continue reading Python Pickling in the cloud (or how to get python to execute code it hasn’t seen yet)
Linear regression is often one of the first algorithms that data analysts are introduced to. The intuition is simple: find the best line that fits a given data set. For example, given the below data set: you'd probably answer with something along these lines: That is, in fact, the answer given by Linear Regression. However, … Continue reading Exploring Gaussian Process vs Linear Regression
I had no idea the WebAuthn API even existed until I came across this article by @herrjemand. In that article, the author used WebAuthn to automatically generate and save passwords in the Chrome credential manager. What more can this browser API do? How would you use it? What is WebAuthn - and why the buzz? We know passwords are a necessary evil. Credential managers are a hassle to setup and use, passwords are re-used across sites and applications - and we often choose weak or easily-guessed passwords. WebAuthn is oft touted as a "password killer". We've seen … Continue reading Exploring the WebAuthn API; a bare-bones JS app
In the first part of this two-article series, we explored rolling your own WordPress GraphQL adapter, inspired by the work done by GatsbyJS, written in Javascript and hosted on GraphCool. In this article, we'll build the same thing, this time using Java. Spring Boot and GraphQL Java Kickstart make this quite easy. Pre-requisites For anyone … Continue reading Part 2 – Inspired by Gatsby.js : Rolling your own GraphQL powered WordPress API (this time with Spring Boot)
