At first, it was just a simple team-building trip with less than ten participants. However, it became a tradition and year after year, more birds joined our nest and the trip grew bigger. After sharing stories and legends of previous years, both new joiners and veterans were waiting for the D-Day of this year’s famous … Continue reading The Birds Fly away!
Nowadays, logs collection for security monitoring is about indexing, searching and datalakes; this is why at NVISO we use Elasticsearch for our threat hunting activities. Collecting, aggregating and searching data at a very high speed is challenging in big environment, especially when the flow is bigger than expected. At NVISO, we are constantly seeking for … Continue reading Optimizing Elasticsearch for security log collection – part 1: reducing the number of shards
In this second blog post in a series about Azure Security Logging, we will focus on some of the key services that are used in most Azure deployments. We go into detail how logging can be enabled, what logging options are available and what relevant data is generated. Log sources in Azure At the moment … Continue reading Azure Security Logging – part 2: security-logging capabilities of Azure resources
In this first blog post in a series about Azure Security Logging, we will give a general overview of the types of logs available for Azure services including their storage options. We will also discuss how to define a security logging strategy in Azure. In the upcoming blog posts, we will go into detail about … Continue reading Azure Security Logging – part I: defining your logging strategy
TL;DR - There are many Android SSL pinning bypass scripts available for Frida. However, those don't always work on obfuscated applications. If the application uses OkHttp, there's an easy way to find a convenient place to bypass the pinning by grepping for the right SMALI string. The target For this blogpost, I've created a little … Continue reading Circumventing SSL Pinning in obfuscated apps with OkHttp
TL;DR: Verified boot is a fundamental security technology and it is important to be able to experiment with it on easily accessible hardware. However, creating a Verified boot demo on a Raspberry Pi 3 is harder than it sounds. We set out to find resources on the internet. Unfortunately, some of these were outdated, others … Continue reading Enabling Verified boot on Raspberry Pi 3