Lets Automate It

from Josh Rickard

Hey InfoSec, What Are You Doing to Protect Your DevOps Teams

2019-06-14 Swimlane Josh Rickard

DevOps, serverless applications and containers are just a few of the latest advancements in a developer’s toolbox. For development teams, this means that the time to market (TTM) is faster—especially for Agile teams. So, how and what are security operations teams doing to ensure that security is keeping pace with this rapid development? Most are attempting to incorporate a security engineer within their development teams—which is a great first step—but there are multiple layers that you need to ensure you are protecting your organization beyond your source-code.

Continue reading
Devops

Swimlane Research Team Open Sources py-ews

2019-05-22 Swimlane Josh Rickard

Phishing impacts every organization, and security operations (SecOps) teams need to act quickly to remediate and prevent unknown threats within their email infrastructure. To help combat these threats, the Swimlane research team has open sourced py-ews to enable security and IT teams to interact with Microsoft Exchange Web Services (EWS) using Python.

Why py-ews?

Organizations continue to battle against malicious phishing emails in their email environments, but security and IT teams have limited visibility into what currently resides in their users’ mailboxes. py-ews was written to give control back to your security and IT teams so they can remediate threats faster.

Continue reading
Automation Exchange Python Ews Tool

Automate Employee Off Boarding Process With Swimlane

2019-05-08 Swimlane Josh Rickard

As more organizations discontinue internal services and begin adopting an increasing number of third-party *aaS-based services, ensuring the appropriate access is revoked in a timely manner is critical. By using our new employee off-boarding use case, you can automatically gather historical data, add a user to a monitoring watch list, and finally remove access when it is time to off-board an employee.

The employee off-boarding use case contains two distinct applications to assist an organization with managing their employee off-boarding process. The first is the employee application, which contains all relevant information about the employee as well as references to the second application: assets. The assets application contains individual assets to which the employee has access. These assets can be applications, services or hardware.

Continue reading
Automation Off-Boarding Employee

Swimlane Runner Up in Microsoft Graph Security Hackathon

2019-04-02 Swimlane Josh Rickard

Within a few weeks of starting at Swimlane, our CEO Cody Cornell mentioned the Microsoft Graph Security Hackathon — put on by the Microsoft Graph Security team and DevPost. After assembling a team and a lot of hard work, we were notified yesterday that our submission earned runner up!

We were extremely excited to participate in this unique event as we were about to begin our development of our Microsoft Graph Security API bundle, and this would be the perfect opportunity for us to showcase the power of Swimlane.

Continue reading
Graph Security Hackathon Microsoft

Microsoft's OAuth2 Part 1: Endpoints and Application Types

2019-03-27 Swimlane Josh Rickard

As an information security or IT professional, understanding the concepts around Microsoft OAuth 2.0 or OpenID Connect authentication can be daunting. There are thousands of pages of documentation, and if you want to interact with a Microsoft Cloud service—like Microsoft Graph—it can be a minefield of information.

In this three-part series, I am going to share with you my insights on Microsoft’s OAuth2 Implementation in hopes that it will help your organization understand and use OAuth2 when using Microsoft cloud-based services. This series is broken out into the following parts:

Continue reading
Oauth2 Microsoft
Older posts Newer posts
© 2026 Josh Rickard - rss
Bilberry Hugo Theme