Setting up Elastic SIEM[Elasticsearch + Kibana] with secured communication in a VM homelab for experimentation and learning. This guide walks through configuration and options to assemble a functional SIEM stack to expand upon.

The mindset necessary to score well on the CISSP.

Risk Management is the foundation for all security decisions. ISRM: Information Security Risk Management ISRM, or Information Security Risk Management is the process of managing risks associated with the use of information technology. It involves identifying, assessing, and treating risks to the confidentiality, integrity, and availability of an organization’s assets. Managing risks associated with the IT/CIA Triad Source Risk Definitions Lingo for identifying risk. For the CISSP, you need to be solid on definitions since organizations use of terms can shift a bit.

Google Cloud Platform tools to mitigate various potential exploits and vulnerabilities. Dives into securing infrastructure, Network protections, Application Security, and Content vulnerabilities. Notes from Coursera course.

Hello dear player! Won’t you please come help me get my wish! I’m searching teacher’s database, but all I find are fish! Do all his boating trips effect some database dilution? It should not be this hard for me to find the quiz solution! Find the solution hidden in the MongoDB on this system. Login Found Mongo’s hosted port with netstat -lntp Then connecto to the exposed port with:

Notes from Coursera ‘Managing Security in GCP’ course.

Notes from the early Coursera GCP Core part of Security in Google Cloud Platform course. Recording relevant terminology(buzzwords) and quotes from the video lectures. Not 100% complete, if there was a topic I’m very familiar with, I possibly skipped taking down long form notes. The course was useful reminder of what-does-what, so I’ll deem it worth keeping around for now. TTL=2years?

Notes from Steve White’s OWASP PDX talk on modernizing Security for cloud native platforms.

BSides PDX talk by Aaron Parneki. How OAuth works, and various examples of how it has been breached.