The Forest Whispers My Name

Threat Intelligence teams and Information

Security teams often struggle to communicate to leadership why a specific vulnerability should be taken seriously or given more precedence, especially when the CVSS score is low.

This post is a brief explanation of how to use a threat scoring matrix to consistently evaluate threat actors, then combine that score with a CVSS score to communicate the true risk posed to your organisation. It helps provide a measurable score that can easily be integrated with CVSS scoring systems, thereby also facilitating risk scoring automation. It also allows the leadership to make a well-informed decision as a vulnerability is considered within the context of a comprehensive threat actor profile seeking to exploit the vulnerability. We discuss the example matrix metrics below, and you may download the The Threat Actor Impact Scoring Matrix PDF from here [1]. It uses a five-point scale to scorer a threat actor based on nine criteria: determination, motivation, technical resources, financial resources, intelligence resources, skills/expertise, time they went undetected, team size, and time available to dedicate to malicious activities. It then scores the target (presumably you) on three criteria: probability of successful attack, stage of any technical exploit, and the attacker’s focus.

Continue reading "Threat Scoring and Risk Management"

Occasionally (as in, many times), a git source code repository needs to have something removed from it permanently, even from the history. Hint: PRIVATE SSH keys….

Continue reading "Removing and purging files from git history"

This example shows how to create a bash function that will accept white space arguments.
This doesn’t come up often but when it does I have to re-discover how to do it.
This little reminder will make that rediscovery process unnecessary.

Continue reading "Bash function that accepts white space arguments"

Austin Powers famously stumbled over his introduction: Allow myself to introduce myself.
Hilarious to be sure, but the rest of us non-comedic secret agents need to stop using a plethora of redundant phrases.
Why these phrases became so commonplace is probably due to a desire for additional emphasis.
That, or perhaps they are just mistakes that stuck around?

Continue reading "From the department of redundancy: repetitious phrases to stop using"

The proper use of apostrophes when denoting plural or possessive nouns is the subject of many tutorials, especially the rule-breaker “its/it’s.”
But there should be no debate about whether acronyms or other all-capitalised or numeric constructions should include an apostrophe when made plural: they shouldn’t!

Continue reading "Apostrophes have no place in plural acronyms"

Differences between 2>&-, 2>/dev/null, |&, &>/dev/null and >/dev/null 2>&1…

Continue reading "Shell: Differences in Output Forwarding"

DevOps is a term emerging from the collision of two major related trends.
The first was also called “agile system administration” or “agile operations” — with focus on applying newer Agile approaches to operations work.

This new “fashion” trend is making some companies abuse the Agile terminologies, making both Dev and Ops life miserable.

The second is a much expanded understanding of the value of collaboration between development and operations staff throughout all stages of the development lifecycle when creating and operating a service.

Continue reading "Why You Don’t Need a DevOps Team"

For evangelists, DevOps is a culture and a transformation. For some engineers, DevOps is a set of agile tools and techniques. For managers, DevOps is a probably a methodology. For other people it is just a buzzword and for recruiters, DevOps is a job.

I think DevOps is not just a buzzword but somehow it is a mix of all the above definitions: There is no digital transformation without the right methodologies, the right tools and the right engineers.

Continue reading "From DEVOPS to devops"

The DevOps movement has encountered a certain amount of criticism for not being more prescriptive. “The principles sound nice,” critics say, “but how do we actually do it?” They get even more frustrated when proponents answer, “you have to figure it out for yourself.”

Continue reading "DevOps As Design"

Open up a terminal. Run ‘type time’. You’ll be told that “time is a shell keyword”. Now run ‘which time’ and you’ll see ‘/usr/bin/time’, which looks like a path to a binary. Are they the same thing? Nope.

In fact, one of them can give you a whole lot of interesting information that the other can’t.

Continue reading "/usr/bin/time, Jim, but not as you know it"

Some call it eliminating distractions. Some call it flow. Tuning out of your immediately surroundings has been shown to increase focus on internal thinking processes. In this post I’ll dive into both the neurological components as well as folk-advice surrounding this phenomenon.

Continue reading "Why do devs wear headphones? Same reason that you can’t juggle."

Design Patterns for Humans is an effort to explain design patterns in plain words and simple examples.

Continue reading "Design Patterns for Humans"

It's not everyday you see Ansible yaml with useful regular expressions. Parsing text printouts within Ansible playbooks.

This is SO true, it is both painful and laughable.

(c) CommitStrip

Not a new subject, but still interesting.

Continue reading "the 'cd //' conundrum"