Blog

Security Architecture Models

Introduction: In this article, we will explore the different security architecture models available to us and what has driven the move towards zero trust. These can help us design and organize security controls from the physical layer to the network in a way that helps us prioritise our investments in security by identifying gaps. We…

Architecting for the kill chain

The MITRE ATT&CK framework can be a great resource for tracking and reviewing the kill chain and methodology used by threat actors. As part of a recent move to security architecture, I got interested in how to design defence in depth that is mapped to adversarial threat actors' kill chains and MITRE so I could better…

Nest

One of VBScripts' boxes on Windows focuses heavily on reversing applications to crack credentials. Run Nmap: Only 445 is open? Let's run again with the -p- flag to confirm; feeling like another evil-winrm box. Foothold: Enumeration: Running a quick nmap scan for vulnerabilities doesn’t give us anything. We get the hostname. Enum4Linux doesn’t get us…