The Essential Eight: The Foundation of Australian Compliance

The Australian Signals Directorate (ASD) is the overarching agency that incorporates the Australian Cyber Security Centre (ACSC), the government’s technical cybersecurity authority. In 2018, the ASD became a statutory agency, assuming responsibility for the Computer Emergency Response Team Australia and the Digital Transformation Agency. As part of the agency’s mission to improve Australian cybersecurity, it […]

Understanding the ENS Framework: A Guide to Spain’s National Security Framework

As governments continue to digitize services, the number of systems that support public administration continues to grow. With this expansion comes greater cybersecurity risk. To address these risks, Spain established the Esquema Nacional de Seguridad (ENS), a national framework designed to protect information systems used by public sector organizations. ENS defines the security requirements that […]

Your Data is Whispering and Needs a Human to Listen

If you have ever owned, operated, or supported a piece of technology, you have probably built a dashboard. Maybe it started as a quick chart to answer a simple question, then quietly grew into something more important. Dashboards are often created by the people who know the systems best, the ones who can wire together […]

What is OpenTelemetry and Why Do Organizations Use it?

Mining for information about environments is like trying to find gold. Looking for gold can be sifting through silty waters or blasting through a mine. In some cases, the gold nuggets are so small as to be almost invisible, some things look like gold but aren’t, and others are larger nuggets where the miner strikes […]

What is the Model Context Protocol (MCP)

Iron Man’s J.A.R.V.I.S. is the artificial intelligence (AI) that almost every person wants to see: a conversational technology that answers questions like a friend would. The rise of large language models (LLMs) almost seems to give people the friendly robotic sidekick that generations of children grew up dreaming about. The rapid rise of AI […]

Detecting Notepad++ CVE-2025-49144 Using Sysmon Logs

Text editors rarely show up in threat models. Installers show up even less. CVE-2025-49144 changes that. The issue is a local privilege escalation in the Notepad++ Windows installer that can allow a low-privileged user to gain SYSTEM-level execution by abusing insecure executable search behavior during installation. Affected versions include Notepad++ 8.8.1 and earlier, per the […]

The Human-AI Alliance in Security Operations

Picture a SOC analyst starting an investigation. A suspicious spike in authentication activity appears on their dashboard, and they need to understand what’s happening quickly. To do that, they move through a familiar sequence of tools. What begins as a single investigation quickly turns into a chain of context switches: reviewing a dashboard, pivoting […]

Anomaly Detection with Machine Learning to Improve Security

Being a security analyst can feel like being trapped in a Where’s Waldo book. You can find yourself staring at a data stream looking for something that “isn’t like the others.” However, as your organization collects and correlates more data from the environment, finding the Waldo can feel overwhelming. In a modern IT environment, organizations […]

Observability vs Monitoring: Getting a Full Picture of the Environment

Driving down the highway, you usually glance intermittently at your speedometer to ensure that you stay within the speed limit, or whatever window above the speed limit you’re willing to drive. While monitoring your speed mitigates the risk of a ticket, you still need to look out for various threats on the road, like cars […]

Compliance Readiness with Audit Logging

Whether pulling items together for a holiday dinner or prepping weekly meals, you need to have all the ingredients necessary to cook the meals you want to eat. Often, this means making a grocery list, checking off items as you take them from the shelves, and, possibly, grumbling when one of the items isn’t available. […]

From Atlassian JSON to Actionable Audit Insights

Atlassian audit logs carry high-value security and operational signals, yet the raw format makes them hard to use in day-to-day investigations. Nested JSON, arrays inside arrays, and localization keys turn routine questions into slow, manual work. For lean Security and IT teams, that friction shows up as delayed triage, fragile dashboards, and alerts that fire […]

Kubernetes Logging Best Practices

You’re sitting at your desk, typing away, when all of a sudden you hear a “ping!” Unfortunately, you have a browser with fifteen tabs open, a task management application, email, messaging applications, and calendars all open, making it difficult to know exactly which technology just pinged you. To identify the source, you open your system […]