The Double-Edged Sword of System Updates: Security Gains and Logging Changes
System updates are a crucial aspect of maintaining secure IT infrastructure. While they often bring improvements, they can also introduce changes that require adaptation. A recent example of this is the upgrade to OPNsense 24.7, which altered the format of filter and Suricata logs.
Read next
The Unglamorous Loop That Decides Everything: Inside the Vulnerability and Configuration Management Labs
I've been working through the second edition of the Cybersecurity Architect's Handbook's "secret menu" one domain at a time...the controls that still mean something after everything else has fallen. This installment does something different...it looks down at the ground all of them are standing on.
The Innermost Ring: Hands-On Identity and Encryption Labs from the Cybersecurity Architect's Handbook, Second Edition
Every control we design as architects ultimately serves one of two questions. Who is allowed to do what — and is the data still protected ... Access control answers the first. Data protection answers the second. Together they form the innermost ring of a defense-in-depth architecture...
The Source of Foreknowledge: Inside the Security Monitoring and Analytics Labs of the Cybersecurity Architect's Handbook
Every query a device makes is a statement of intent — what it wanted to reach, when, and how often — and once you're logging them, you're no longer just blocking bad names. You're watching behavior....