security

Roadmap to Incident Response Automation

Automating tasks in Incident Response (IR) is key to reducing the impact of incidents. Although it seems as easy as starting to write scripts, in my experience, this objective must be tackled in a more scalable and robust way that encompasses security, data science, and software develo…

Logging Strategy

Logs are a key part of a successful security or IT plan because they are an outstanding mechanism to diagnose many types of incidents. That's why every corporation should have a strategy to define what logs will be tracked and for how long. Usually, different log sources overlap da…

A Word on Cybersecurity Assessments

I've been working with incident response (IR) for a few years, and more recently, when Red Teams (RTs) started trending, I experienced some avoidable friction between both teams that I wanted to share. Disclaimer: This text is based on my own experience and may not reflect the whol…

Implementing a Network Probing Machine

In my job, we needed to perform some networking tests in an unsafe network segment, so I decided to make a machine for that purpose, granting that the risks were mitigated by hardening the operating system. In this post, I describe the steps to create this environment. Installat…

Securely Managing Passwords and MFA Codes

Keeping credentials secure is key for good security architecture, but since there are lots of technologies to help users achieve that, most people do not know how to use them correctly. In this text, I am going to present my way of managing passwords and Multi-factor Authentica…

AWS Certified Security Specialty

For the last few months I have been studying for the AWS Certified Security - Specialty (SCS) certification, and in this review I am going to present every step I took to get this new certification in my career. The SCS (a.k.a. Security Engineering on AWS) is an advanced certific…

Becoming CISSP

In this post, I am going to share my personal experience obtaining the CISSP certification. CISSP is one of the most renowned certifications for the information security career and it is said that it is very hard to earn. Earlier this year (2020), I decided to give CISSP a try …

Hardening Arch Linux

This is a direct sequel to Installing Arch Linux, which already includes some hardening practices. This guide will go one step further because I am applying some CIS controls specific to Linux environments, obviously scoping and tailoring for my personal purposes. Security x …

Installing Arch Linux

I have decided to install Arch Linux on my next laptop but first had to test it to be sure of my choice. Since I was looking for a hardened installation, which was not covered by the official installation guide, I decided to create this guide for my personal use and I hope it wi…

CompTIA Security+: Notes

At the end of 2019, the company where I work offered a preparatory course for the CompTIA Security+ (S+) certification, including a voucher for the exam. Until then, this was one of the certifications I planned to require from SOC hires, but I thought it was a great opportunit…