Sandfly Security

toolsmith #151: Agentless Linux security with unmatched speed and reliability

Sandfly Security, headquartered in New Zealand (where they know sandflies all too well), refers to itself as such because they’re like sandflies: they relentlessly bug and discourage intruders, deploying like a swarm onto endpoints, then disappear only to return again and again. These swarms of checks make life miserable for hackers on Linux hosts while minimizing system impact. I’ve been following Sandfly’s Craig Rowland on Twitter for a while with the intent of giving Sandfly a look for toolsmith, and in the time I’ve kept watch, the offering has grown into a comprehensive and robust platform for Linux security.


EDA with CISSM

toolsmith #150: Exploratory Data Analysis with University of Maryland's Center for International and Security Studies Cyber Attacks Database

Introduction

Exploratory data analysis (EDA) is a mission-critical task underpinning the predominance of detection development and preparation for cybersecurity-centric machine learning. There are a number of actions that analysts can take to better understand a particular data set and ready it for more robust utilization. In the spirit of toolsmith, and in celebration of this being the 150th issue since toolsmith’s inception in late 2006, consider what follows a collection of tools for your security data analytics tool kit.


HolisticInfoSec

Russ McRee

Russ McRee writes award-winning toolsmith, published monthly as often as possible. ;-) As of August 2018, toolsmith is exclusively published via holisticinfosec.io. From September 2015 through August 2018, toolsmith was exclusively published at the HolisticInfoSec blog. From November 2006 through August 2015, toolsmith was published in the ISSA Journal. Thank you for your continued patronage and support.

August 2015 - There Is No Privacy - Hook Analyser vs. Hacking Team
July 2015 - Malware Analysis with REMnux Docker Containers
June 2015 - IoT Fruit - Pineapple and Raspberry
May 2015 - Attack & Detection: Hunting in-memory adversaries with Rekall and WinPmem
April 2015 - Rapid Assessment of Web Resources (RAWR!