Category Knowledge

SAST and DAST

SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing) are two methods used to identify security vulnerabilities in software applications. Here’s a brief overview of each: SAST (Static Application Security Testing); DAST (Dynamic Application Security Testing); Key Differences…

MITRE ATT&CK > D3FEND > RE&CT

MITRE ATT&CK, MITRE D3FEND, and MITRE RE&CT are all frameworks developed by MITRE to help organizations understand and mitigate cyber threats. However, they each have a different focus and purpose. MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) MITRE ATT&CK…

Logstash, Meet Sentinel… Sentinel, Meet Logstash!

Background: In both our free workshop and popular Defending Enterprises training we heavily utilise Elastic’s Winlogbeat, Auditbeat, Filebeat and Packetbeat agents. In past editions this data finally ended up in an Elastic backend which was accessed using Kibana. A common setup that works well. Since the release of Microsoft Sentinel back in 2019…