Operations | Monitoring | ITSM | DevOps | Cloud

%term

Monitive Mission Statement: "Why am I doing what I do?"

And no, it’s not summoning a few Venture Capital rounds of funding to pour them into a business, nor wasting my life on vacations or my money on gadgets. “What makes us happy?” I have to admit I’ve pursued this goal for a large part of my life. I know that some form of success is linked to happiness, and I know that success is not that esoteric feature that only the gifted among us get to possess. Success, just like happiness, is something we all have.

Encrypting an Unencrypted RDS Snapshot

RDS snapshots can be unencrypted or they can be encrypted at rest. Today, best practice is to use encryption-at-rest on your RDS instances and clusters, and to encrypt your RDS snapshots. When you create an RDS snapshot from an RDS instance or cluster, the resulting snapshot will be encrypted if the source instance or cluster is encrypted. But if the source is not encrypted, then your RDS snapshot is not encrypted. When you create an RDS snapshot, you are not given the option to encrypt it.

Let's talk about STIX, TAXII, and threat intelligence

In terms of collaboration, Structured Threat Information eXpression (STIX) and Trusted Automated eXchange of Indicator Information (TAXII) represent a revolution in the security industry. These protocols transformed the field of threat intelligence from a fragmented collection of information to a unified standard for information sharing. In this blog, I will examine this transition and how it came about.

Introducing Elastic Machine Learning Data Visualizer

Automatically Model the Complexity of the Real World. Skip defining rules, specifying thresholds, or manually building out statistical models. Our machine learning features make it easy to start identifying anomalies. Just describe the data you're interested analyzing (requests per second) and what other properties might influence it (server, IP, username), and that's it.

Monitor webpages for changes with VisualPing

Frequent online shoppers, travel enthusiasts, parents seeking admissions for their wards, or the average online newsreader are all constantly plugged on to the Internet hoping to see the information they want updated on the respective websites. The only thing they can do is keep refreshing webpages and waiting for a change. Don’t you think that’s a waste of time and energy? You could instead be doing something more productive.

From PowerShell to p@W3RH311 - Detecting and Preventing PowerShell Attacks

In part one I provided a high level overview of PowerShell and the potential risk it poses to networks. Of course we can only mitigate some PowerShell attacks if we have a trace, so going forward I am assuming that you followed part 1 of this series and enabled: Module Logging, Script Block Logging, Security Process Tracking (4688/4689)