0P3N Blog

Being able to respond and detect malicious events effectively is critical when operating SIEM solutions. There is a fine line between seeing too much and not seeing enough. This article will focus on how to identify and detect PowerShell ShellCode with a Splunk search query. That search can be made into a dashboard or even developed into an alert whenever ...

We live in a world where products and services are now manufactured by more than one provider located in different countries. However, the proliferation of the internet and IT technology shifted the outsourcing concept to a new dimension. Outsourcing is the practice of shifting part of the workload, tasks, work operations, or processes to an external vendor for a specific ...

The cybersecurity skills gap is a continuous and difficult challenge – and one (among many things) that the industry is working hard to resolve. Knowing first-hand what it's like to be in the cybersecurity fight every day while struggling to find the people and skills you need to get the job done is what makes me so passionate about this ...

Human users are at the base of data protection. Therefore, determining who has access to certain resources is a major concern for organizations. Access control refers to which users and/or processes have access to specified resources within an organization or network. An access control list contains all of the rules for the varying levels of access to portions of a ...

The Digital revolution has changed everything around us; nowadays, organizations of all types and across all industries utilize digital solutions to facilitate work operations and reduce costs. People worldwide are using technology to work, study, socialize, entertainment, shopping, or online banking, to name only a few. The sum of people interactions with technology generates a large amount of digital data, ...

Artificial Intelligence is one of the growing areas of technology that's expected to change how we do many things. Many people are looking at the impact of AI on Cybersecurity, but one major area that people are trying to improve is how people select their politicians. Artificial intelligence is meant to solve a problem associated with people's lack of awareness ...

Crowdstrike is an industry-leading EDR solution that is a must-have for any size enterprise. There are many features within Crowdstrike, and it can seem daunting to keep up with the weekly enhancements made to the Falcon platform. This article will uncover some of the most beneficial features to use on a day-to-day basis, along with some tips to streamline your ...

The Artificial Intelligence (AI) is an extensive branch of computer science that involves building smart machines capable of performing tasks that require human intelligence. AI enables computers and machines to mimic the perception, learning, problem-solving, and decision-making capabilities of the human mind. AI is an intelligent entity created by humans to make machines capable of thinking and acting humanely. ...

Phishing is an attempt to receive sensitive information like usernames, passwords, or credit card numbers by impersonating an entity that the victim trusts. This can mean impersonating someone's friend, their manager, significant other, etc. This attack type is extremely successful because the human factor is the weakest link in an organization's security operations. Typically, technology will do whatever it is ...

Why worry about logs? This is an entry-level introduction to Windows event logs in the context of cybersecurity. It will focus on Windows events that an analyst might want to look for to get familiar with the environment or start doing some threat hunting. Logs also help identify anomalies in user behavior that can provide valuable information about potential breaches. ...