information-technology

Azure Key Vault Tradecraft with BARK
BriefThis post details the existing and new functions in BARK that support adversarial tradecraft research relevant to the Azure Key Vault service. The latter part of the post shows an example of ...

Browserless Entra Device Code Flow
Zugspitze, Bavaria, Germany. Photo by Andrew ChilesDid you know that it is possible to perform every step in Entra’s OAuth 2.0 Device Code flow — including the user authentication steps — without a browser?Why that matters:Automating authentication flows enables ...

Misconfiguration Manager: Overlooked and Overprivileged
TL;DR: Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance. We’re also presenting this material at SO-CON 2024 on March 11, ...

Microsoft Breach — What Happened? What Should Azure Admins Do?
Microsoft Breach — What Happened? What Should Azure Admins Do?On January 25, 2024, Microsoft published a blog post that detailed their recent breach at the hands of “Midnight Blizzard”. In this blog post, I will ...

How to Break Into a Cybersecurity Career – Rob Fuller (Mubix)
This week we continue our series on how to break into a cybersecurity career with long time industry veteran, Rob Fuller (Mubix). Rob speaks with us about how he started his career ...

How Information Security Breaks The Classic IT Model
How Information Security Breaks The Classic IT ModelFrom The Other Side Of The PO Blog: Part 4CEO: “ Due to complications in the market with unexpected changes in product and customer spending, ...
How Tripwire Log Center and Tripwire Industrial Visibility Can Work Together
Many industrial security professionals lack visibility into their organizations’ assets and processes. This includes Industrial Internet of Things (IIoT) devices as well as industrial organizations’ supply chains. Back in March 2021, Tripwire ...
How to protect a corporate Wi-Fi network
The importance of Wi-Fi both for providing various services to customers and employees and for managing and receiving data from technological facilities, coupled with the interoperability of IoT devices, is increasing every ...

The Complete Guide to Securing Your Software Development Lifecycle
How to improve the security of your application with strong DevSecOpsPhoto by 愚木混株 cdd20 on UnsplashThe unfortunate reality is this: application security is in an abysmal state. Industry research reveals that 80% of ...

Does Your Health App Meet HIPAA Compliance Requirements?
Photo by Mockup Graphics on UnsplashHealthcare providers increasingly use mobile apps and web applications as part of the move to telemedicine. As of July 2021, analyst McKinsey noted that telehealth utilization had stabilized ...