Category Archives: Preparation

PowerShell Basic Introduction (Security Version)

PowerShell has grown since its introduction in 2003 and implementation in Windows XP in 2006. What started as a closed source, proprietary upgrade to the Command Prompt has now grown into an open-source, resource rich Command Line Interface (CLI) and … Continue reading

Posted in Incident Response, PowerShell, Preparation, Windows Forensics | Tagged , , , , , , , | 1 Comment

Types of Threat – Explained

From a high level what are the types or categories of threats faced by the Security professional? Let’s go over some basics. Internal Authorised Internal Unauthorised Internal to External External to Internal External to External (new) The first 4 are … Continue reading

Posted in Cyber, Forensic Readiness Plan, Incident Response, Preparation | Tagged , , , , , , | Leave a comment

Pass-the-hash Mitigation – Tip of the Day

I have been recently researching Pass the Hash mitigation techniques and I have found that there are the usual comments about not logging on to workstations with Admin accounts, ensuring your local admin accounts don’t have the same password, ensuring … Continue reading

Posted in Group Policy, Hardening, Incident Response, pass the hash, Pen Testing, Preparation, Research | Tagged , , , , , | Leave a comment

Incident Response Process Phase 1 – Preparation

This phase is open-ended, you will always be tweaking and fiddling policies and technologies to make the environment as secure as you can. Just as you think it’s fixed, a zero day comes along and ruins your picnic. So what … Continue reading

Posted in Incident Response, Preparation | Tagged , , , | Leave a comment