While studying for the SC-100 exam, a concept really resonated with me: the definition of identity and its purpose in security.

I think for some folks (myself included), it's been all too easy to think of "identity" as a singular credential; a unique data element. Like an ID card. While understandable, I think that . . .

Read More

I like this succinct explanation from Check Point on the difference between "MITRE" and "MITRE Engenuity". Good stuff.

The MITRE Corporation is a US Government federally funded research and development center (FFRDC), and the MITRE Engenuity is a foundation dedicated to using the research and technology . . .

Read More

I'm digging this simple (but functional!) illustration of the NIST 800-161 response management phases, courtesy of Microsoft Learning:

Good stuff!

Read More

While perusing a study guide for SC-100 exam, I came across a really nice and succinct explanation for technical response. It's one of my favorite quotes now:

(...) there are two key goals that every incident response should aim to address from a technical perspective. The first is identifying the scope of the attack (...) . . .

Read More

I came across a nifty article explaining the difference between the legacy Log Analytics Agent and Azure Monitor Agent.

There's some feature improvements in terms of what logs can be retrieved with AMA but I think the biggest notable difference is performance-related. As per Microsoft: "The Azure Monitor agent provides a . . .

Read More

While working on a project recently, I came across an odd warning upon running curl:

foouser@foo:~$ curl "https://api.foo.example/blah"
Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output
Warning: . . .

Read More