What a security champion is

October is security awareness month. So before you go spend the remaining 11 months of the year blissfully less aware of what security types like me do, let’s talk about what a security champion is, and the role a security champion plays in the IT organization.

How to read a Qualys scan report

Reading and analyzing a Qualys scan is an underrated skill. Frankly, I see a lot of misuse and abuse surrounding Qualys scans. So let’s talk about how to read and analyze a Qualys scan for the purpose of understanding and solving problems.

You can read it in the user interface, but I recommend exporting a CSV so you can sort and filter. The exact CSV format has changed a bit over the years, so the columns may not be in this exact order, but this will get you started. The most important columns are all here.

Is a SOC analyst a good job

As a security professional, I frequently get questions about security careers. One common topic is the role of SOC analyst. What is a SOC analyst, and is a SOC analyst a good job? Those are fair questions, and not necessarily as straightforward as they first sound.

Remove Unicode and extended ASCII in Notepad++

There have been a number of times in my career where I’ve needed to convert files to plain text. That means plain: no smart quotes, Unicode, extended ASCII characters, or other funny business. Here’s how to use Notepad++ to quickly remove all of these types of characters from a text file, for when your plaintext isn’t plain enough.

Qualys duplicate assets

One of the most frequent problems people ask me about when doing a health check on their vulnerability management program is duplicate assets in Qualys. If you simply run the tool with the defaults, it is definitely possible to end up with duplicate assets. But with a few configuration changes, you can mostly eliminate this problem.

Cyber Kill Chain vs Mitre ATT&CK

The Cyber Kill Chain, developed by Lockheed Martin, and Mitre ATT&CK (pronounced “attack”) are frequently compared, for obvious reasons: both describe how adversaries attack computer networks. So when it comes to Cyber Kill Chain vs Mitre ATT&CK, which is better? It depends on who’s asking.

Update Windows third-party utilities semi-automatically

I used to have and recommend a tool for updating all your third-party software on Windows machines. Unfortunately, that tool reached end of life several years ago. But Microsoft, of all people, has a tool that works suitably. Usage is similar to apt or yum on Linux. It’s called Microsoft App Installer, and at the command line it takes the form of the command winget.

App Installer is a free tool that updates what Windows Update won’t. That means open source apps, but also some third-party apps, and even some difficult-to-update Microsoft apps, like the Visual C++ runtime. It is capable of updating more than 3,000 apps.

Resume downloads with wget

I was downloading from a very intermittent webserver and the download kept quitting less than 80% in. And if my timing wasn’t perfect, the web browser wouldn’t resume it. Then I thought to try to resume my downloads with wget.

wget is a command line tool for Linux, other Unix-like operating systems, and Windows. It is good for resuming downloads and can even do it automatically.

Is open source software safe to use?

The safety of open source software is a question that comes up from time to time. Let’s talk about why the question keeps coming up, and what’s different about open source software versus closed source software.

The main thing that can get you when it comes to the safety of open source software is anything but obvious. Hint: it isn’t the development model.

How common are Zero Day attacks?

The recent Log4J vulnerability brought increased attention to zero day attacks, but it’s a question that never really goes away. How common are zero day attacks?

Zero day attacks are less common than they seem, because attackers don’t understand them as well as they understand older, less novel attacks. Managing those less novel vulnerabilities is a real challenge for many organizations, but it’s something they must get a handle on to defend themselves effectively.
