Lets Automate It

from Josh Rickard

Swimlane's Research Team Open Sources pyattck

2019-07-11 swimlane Josh Rickard
As security teams adopt the MITRE ATT&CK Framework to help them identify gaps in their defenses, having a way to identify which malware and tools are used by specific actors or groups becomes more critical. Having a way to identify these relationships programmatically is more critical still. Today, we are excited to announce that the Swimlane research team has released pyattck, a Python package for interacting with the MITRE ATT&CK Framework.

Swimlane Open Sources graphish to Help SecOps Teams

2019-06-19 swimlane Josh Rickard
While having a conversation on Twitter about the Microsoft Graph API, I was convinced that the traditional Exchange eDiscovery features were not available in the Microsoft Graph API. Boy was I wrong. After stumbling across a few endpoints I had not seen previously, I decided to write a Python package called graphish. graphish is an open-source Python package from Swimlane that enables IT, security operations (SecOps), developers and others to search for and delete email messages in mailboxes using the Microsoft Graph API.

Swimlane Research Team Open Sources py-ews

2019-05-22 swimlane Josh Rickard
Phishing impacts every organization, and security operations (SecOps) teams need to act quickly to remediate and prevent unknown threats within their email infrastructure. To help combat these threats, the Swimlane research team has open sourced py-ews, which enables security and IT teams to interact with Microsoft Exchange Web Services (EWS) using Python. Why py-ews? Organizations continue to battle malicious phishing emails in their email environments, but security and IT teams have limited visibility into what currently resides in their users' mailboxes.

Automate Employee Off Boarding Process With Swimlane

2019-05-08 swimlane Josh Rickard
As more organizations discontinue internal services and adopt an increasing number of third-party *aaS-based services, ensuring that the appropriate access is revoked in a timely manner is critical. By using our new employee off-boarding use case, you can automatically gather historical data, add a user to a monitoring watch list, and finally remove access when it is time to off-board an employee. The employee off-boarding use case contains two distinct applications to assist an organization in managing its employee off-boarding process.

Automated Malware Analysis and Reverse Engineering With SOAR

2019-03-14 swimlane Josh Rickard
We all know that security operations (SecOps) teams are overwhelmed by the extreme number of alerts they receive on a daily basis. Organizations are being attacked from all fronts, whether they know it or not. These attacks vary from social engineering, malicious emails, vulnerable services and applications, misconfiguration (job fatigue), etc. Traditionally in a security operations center (SOC), malware analysis—more specifically reverse engineering—is conducted by a highly trained member of the security team (depending on your size, this may be multiple individuals).

How to Set Up a Hugo Website on GitHub

2018-08-26 how-to Josh Rickard
I recently transitioned my blog over to GitHub Pages from WordPress. I was using the free version from WordPress.org and I wanted more granular control over the layout. Additionally, I wanted to automate my blog publishing and social media notifications; the free version of WordPress didn't meet my needs. So I looked around and eventually fell in love with Hugo! This post outlines how to set up a GitHub Pages website/blog using Hugo.