splunk

Azure and Azure Active Directory Monitoring Use Cases

Anton Ovrutsky

Wrangling data exposed by various Azure services is a daunting challenge. Because numerous tables exist with many available data types, finding the table with a particular Azure action or…


Kubernetes Hunting & Visibility

Anton Ovrutsky

Enterprise workloads are increasingly shifting to modern micro-service architectures. This shift can potentially mean that visibility, hunting, and defensive frameworks lag behind their traditional on-premises architectures and deployments. The…


Sysmon for Linux Test Drive

Anton Ovrutsky

If you have been within planetary orbit of our Purple Team, you will know that we are huge fans of Sysmon. You can imagine our excitement when Microsoft announced that…


Emails and Malicious Macros – What Can Go Wrong?

Anton Ovrutsky

A few months ago, we published a blog post that examined the telemetry available through Office 365, including email visibility. If you read the blog and thought to yourself,…


Taking a Look at Office 365 Logs

Anton Ovrutsky

Office 365 enables productivity and collaboration among teams and business units. As its utilization grows in popularity, productivity tools become increasingly attractive targets to attackers. So often attack chains…


WFH Lateral Movement TTPs

Anton Ovrutsky

With the increase of remote working arrangements due to the ongoing pandemic, corporate endpoints are now located far beyond the standard corporate perimeter. This presents attackers…


Hunt Fast: Splunk and tstats

Anton Ovrutsky

One of the aspects of defending enterprises that humbles me the most is scale. Enabling different logging and sending those logs to some kind of centralized SIEM device sounds…


©2019 Lares, LLC | All rights reserved.