<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Home on wriotsec</title><link>https://www.wriotsecurity.com/</link><description>Recent content in Home on wriotsec</description><generator>Hugo -- gohugo.io</generator><language>en</language><lastBuildDate>Tue, 31 Jan 2023 22:12:00 +0000</lastBuildDate><atom:link href="https://www.wriotsecurity.com/index.xml" rel="self" type="application/rss+xml"/><item><title>Exploring Windows Event Logs and Elastic Security for Incident Response</title><link>https://www.wriotsecurity.com/posts/exploring-windows-event-logs-for-incident-response/</link><pubDate>Tue, 31 Jan 2023 22:12:00 +0000</pubDate><guid>https://www.wriotsecurity.com/posts/exploring-windows-event-logs-for-incident-response/</guid><description>
&lt;p&gt;Elastic Security is incredibly useful for threat hunting, especially given the success of tools like RockNSM and the HELK project. But what about hunting through old logs with the same detection tooling that threat hunters use? How feasible is it to use Elastic Security if you just want to stand the tool up and throw some data at it? In this post we will explore how to take advantage of Elastic Security and the open source detection rules that are bundled with each release.&lt;/p&gt;</description></item><item><title>Setting up WSL, Ansible, and Packer for DevOps</title><link>https://www.wriotsecurity.com/posts/setting-up-wsl-ansible-and-packer-for-devops/</link><pubDate>Fri, 31 Dec 2021 22:48:24 -0600</pubDate><guid>https://www.wriotsecurity.com/posts/setting-up-wsl-ansible-and-packer-for-devops/</guid><description>
&lt;p&gt;WSL stands for Windows Subsystem for Linux. It allows Windows to run a lightweight Linux environment in which Linux binaries can be executed. I have not set it up from scratch by myself, but I have used it in the past with lab VMs like the one associated with &lt;a href="https://www.antisyphontraining.com/pay-what-you-can/"&gt;Black Hills Information Security's Pay What You Can&lt;/a&gt; courses. However, over the holidays I got myself an upgraded laptop, so I thought I would give it a try!&lt;/p&gt;</description></item></channel></rss>