Grep On Security
Cyber Security Engineering Blog

Latest

16 Jan
DORA's TLPT Mandate: Is Your Bank Ready?

Yesterday, I had a meeting with an international consulting firm about the Digital Operational Resilience Act (DORA), which officially comes
3 min read

30 Dec
Threat Modeling Hands-On

Introduction Threat modeling can feel intimidating, especially if you're unsure where to begin, don’t know the right
9 min read

26 Dec
Deploying Sysmon via GPO

While I explained in my previous article how to collect Windows Event Logs which already provide some valuable insights, it
5 min read

15 Nov
Using NIST CSF 2.0 for SMEs

As a security engineer with some experience in GRC, even though it is not my primary focus in my day
4 min read

21 Oct
SIEM - Guide to Windows Event Logs Auditing and Forwarding

Introduction Collecting Windows Event logs is crucial for maintaining a secure and well-monitored IT environment. Whether it’s tracking user
10 min read

06 Oct
Reclaiming Disk Space on Root Volume by Shrinking Home in RHEL with XFS

Introduction Lately, I found myself called on an incident where a critical security application was running on a Red Hat
4 min read

18 Aug
Learning About Cloud Security for Swiss Private Banks

It has been 3 months since I moved from the tech industry to the banking sector, and here is my
6 min read

17 Jun
MITRE ATT&CK - Gap Assessment Analysis and Threat Profiling

Introduction: Understanding MITRE ATT&CK Navigator The MITRE ATT&CK Navigator is a powerful tool that helps cyber
7 min read

21 May
Mastering CyberArk EPM: Implementation Guide

When looking for Endpoint Privilege Management (EPM) solutions, there are not a lot of options out there. The main market
9 min read

08 May
Writing Security Policies for SOC2

Transitioning from ISO27001 certification to SOC2 compliance is a natural progression for many organizations. Whether you've already obtained
4 min read