Summary:
Rob Fuller, AKA Mubix, joins me to talk about security tooling every organization should have. This was the result of a discussion Rob and I were having about Thinkst Canary and RunZero, two fantastic tools that are low cost, easy to implement, and provide a ton of value to a security team.
Episode Highlights:
Lots of tooling to talk about
You might hear Rob mention that he’s used one of the tools I suggest in a pentest engagement
Guest Information:
Rob Fuller aka Mubix - Twitter
https://malicious.link/
Resources and Mentions:
RunZero
https://www.runzero.com/
Canaries (Thinkst)
https://canarytokens.org/
https://canary.tools/
Shodan.io
https://www.shodan.io/
osquery / Fleet
https://github.com/fleetdm/fleet
https://fleetdm.com/
NetBird / Tailscale
https://netbird.io/
https://tailscale.com/
Sysmon / Graylog / Logstash / Cribl / Zeek / Wazuh
https://github.com/SwiftOnSecurity/sysmon-config
https://graylog.org/
https://www.elastic.co/logstash
https://cribl.io/
https://zeek.org/get-zeek/
https://wazuh.com/
Security Onion
Godot - Game Dev -> Security Awareness / Security Appreciation
https://godotengine.org/
PDQ
https://www.pdq.com/
GOAD
https://github.com/Orange-Cyberdefense/GOAD
Velociraptor
https://docs.velociraptor.app/training/
MISP
https://www.misp-project.org/
LinkedIn Suggestions
WisQuas - Lost Rabbit Labs - Noa Park suggestion
https://www.lostrabbitlabs.com/wisquas
Deprovisioning tool - Arvil Nagpal - Abbey Labs
https://www.abbey.io/
Contact Information:
Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.
Check out our services page and reach out if you see any services that fit your needs.
Social Media Links:
[RSS Feed] [iTunes] [LinkedIn]