I'm going to start by telling you a story of hacking, confusion and ultimately losing my stuff (for want of a politer term).  As an application security engineer, I dip my toes in lots of domains, from systems administration to analytic to software engineering, even blue team work. When  I first started out I had a small server called Glados (named after the Portal2 computer). Glados was a public facing web server where I served up some useful stuff and it ran some of my programs, and also kept lots of my files some of them important files. until one day something strange happened. 

• by Seth
• logging, security, improvements

Zero trust seems to be somewhat of a buzz word at the moment within cyber security, but what is it and what harm can not implementing it actually do. In this article we look at what zero trust is, and look at a few practical examples of when it could be used to reduce threat from both external and internal threats.

• by Sebastian Wallace
• Zero Trust, Threat reductions

Cast you mind back to December of 2021, when the cyber security world went into a frantic dash, every sys admin worked until the early hours of the morning ripping out every trace of the Log4J library from there servers, security bloggers, researchers and even end users were all bombarded with the words Log4j. Yes remember now?

• by Sebastian Wallace
• Log4j, CVE-2021-44228

This isn't the type of toolkit like a spanner (wratchet) set you would put together and think yeah its done! This is the type of tool kit you started collecting when you were 12 and you are still adding to it. YES its that type of toolkit, the only difference is it lives in folders of bookmarks and databases, text files and programs. Online sockpuppets and api calls. This is the info sec toolkit.

• by Sebastian Wallace
• Infosec ,toolkit