Blue Team

Author, Blue Team, How-To, Jordan Drysdale Critical Controls, it security, Jordan Drysdale, Small Business, Small Business Security

Small and Medium Business Security Strategies: Part 1

Jordan Drysdale// Blurb: A few of us have discussed the stress that small and medium business proprietors and operators feel these days. We want to help stress you out even […]

Read the entire post here

Author, Blue Team, John Strand Active Defense, ADHD, Arguing is Fun, Debates, Law, No Debate is Finished Until Hitler Is Mentioned

Debating the Active Defense Law.. Because Arguing is Fun

John Strand // I wanted to take a few moments and address the “Hacking Back” law that is working people up. There is a tremendously well-founded fear that this law […]

Read the entire post here

Blue Team, Webcasts

WEBCAST: How to Guide Your Company to Test its POC

Lidia Giuliano//* The endpoint protection space is a hot market. With statistics showing malware creation ranging from 300,000 to a million pieces a day, traditional signatures just can’t keep up. […]

Read the entire post here

Author, Beau Bullock, Blue Team, Blue Team Tools, Webcasts CredDefense, defense, defensive tool, Pentesting, tool, toolkit

WEBCAST: CredDefense Toolkit

Beau Bullock, Brian Fehrman, & Derek Banks // Pentesting organizations as your day-to-day job quickly reveals commonalities among environments. Although each test is a bit unique, there’s a typical path […]

Read the entire post here

Author, Blue Team, Blue Team Tools, Derek Banks CredDefense, CredDefense Toolkid, End Point Log Consolidation, HoneyToken, kerberoasting, Pentesting, tool, WEF, Windows, Windows Event Forwarder

End-Point Log Consolidation with Windows Event Forwarder

Derek Banks // I want to expand on our previous blog post on consolidated endpoint event logging and use Windows Event Forwarding and live off the Microsoft land for shipping […]

Read the entire post here

Author, Beau Bullock, Blue Team, Blue Team Tools, Brian Fehrman Cred Defense Tool Kit, CredDefense, CredDefense Toolkit, event log consolidation, hardening accounts, kerberoasting, password auditing, password spraying, Pentesting, ResponderGuard

The CredDefense Toolkit

Derek Banks, Beau Bullock, & Brian Fehrman // Our clients often ask how they could have detected and prevented the post-exploitation activities we used in their environment to gain elevated […]

Read the entire post here

Author, Blue Team, Blue Team Tools, John Strand, Webcasts Active DAD, Active Defense Harbinger Distribution, Active Directory Active Defense, ADAD, ADHD, honey accounts

WEBCAST: Active Domain Active Defense (Active DAD) Primer with John Strand

This is the in-studio version of our live in DC event from July. In this webcast, John covers how to set up Active Directory Active Defense (ADAD) using tools in […]

Read the entire post here

Blue Team, Hunt Teaming Bro IDS, dnscat2, How to, meterpreter, PowerShell Empire, RITA

Let’s Go Hunting! How to Hunt Command & Control Channels Using Bro IDS and RITA

Logan Lembke// Here at BHIS, we ♥ Bro IDS. Imagine… Bro IDS Everywhere! If you haven’t encountered Bro IDS before, checkout this webcast on John’s Youtube channel discussing the need for Bro […]

Read the entire post here

Author, Blue Team, Blue Team Tools, Kent Ickler Defending, Defending Websites, Distributed Fail2Ban, Fail2Ban, IPtables, Kent Ickler, Pirates, Website Defense

How to Configure Distributed Fail2Ban: Actionable Threat Feed Intelligence

Kent Ickler // How to Configure Distributed Fail2Ban: Actionable Threat Feed Intelligence Fail2Ban is a system that monitors logs and triggers actions based on those logs. While actions can be […]

Read the entire post here