Ryan St. Germain
Detecting system outbreaks with Sysmon and Splunk
This Splunk search will identify a potential network outbreak by showing you hosts who make a network connection to a given number of…
Dec 14, 2020

Ryan St. Germain
Quick Take — AWS Network Firewall
Amazon recently announced the release of a network firewall service. This gives organizations a cheap and easy stateful based firewall…
Dec 8, 2020

Ryan St. Germain
In response to the Wekby APT article written by PaloAlto, located here, I wanted to write a short…
Rule #1: Log DNS queries! If you run your own DNS server this is easy. Every DNS request sent to your server should be logged. If you use…
Dec 4, 2020

Ryan St. Germain
Migrating from CloudFlare to AWS
In order to gain a better understanding of how to architect a secure web application inside of AWS, I decided to migrate my simple…
Dec 4, 2020