Root
Honeypots
Honeypot Diaries: Masscan
A honeypot observations post documenting a threat actor attempting to install and use the masscan port scanner on a compromised host to scan for RDP and SSH targets, with SSH hardening mitigations.
Information Security
Setup and Securing Winlogbeat
Setting up Winlogbeat 8.0 with TLS communication and keystore-based credential management, following the principle of least privilege with role-based API keys.