Latest Posts
SunBurst: APT against SolarWinds, mapped to Kill Chain
Following the attack on FireEye, the details are revealed and the US Department of Homeland Security (DHS) has issued an Emergency Directive (ED) regarding a backdoor being exploited in SolarWinds[…]
Applying Attack Surface Reduction on top of Attack Surface Reduction: ASR2
First, some definitions and terminology so that we all know what we are talking about. Threat Actor: A threat actor or malicious actor is a person, entity or an object responsible for[…]
Open EDR Components
This post describes the architecture of Open EDR components. The documentation for a component usually includes enough information to understand how it works and to develop it.[…]
Comodo XDR: eXtended Detection and Response: Discovering Unknowns, Revealing Hidden Threats
Comodo was one of the pioneers of Extended Detection and Response into network (XDR), web and cloud and I guess I am the one to blame as I charted and[…]