Security Musings
Things our people say
Building Temporal Correlations in Threat Hunts
An outline of several time-based techniques which can be used to strengthen uncertain threat hunting results.
James Fox | Feb 29, 2024
Threat actor bypassing location-based conditional access controls via dynamic AiTM infrastructure
Fortian would like to disclose information regarding a novel adversary-in-the-middle campaign that bypasses location-based conditional access controls via dynamically routed proxy servers.
Phillip Roberts & James Fox | Oct 6, 2023
A credential harvester that's actually interesting!
Phillip and Sho came across something a bit interesting when analyzing a credential harvesting attack.
Phillip Roberts & Sho Yamamoto | Sep 4, 2023
Fortian winter internship
Cooper gives an overview of his month at Fortian as part of our internship program.
Cooper Eldridge | August 3, 2023
Return of Those Guys
Reece is a security consultant, pen tester, appsec guy, SOC supporter and perhaps most importantly one of Those Guys. In this post he provides a write-up of their activities against a retired HackTheBox (HTB) capture the flag called "Precious".
Reece Payne | July 24, 2023
A practical approach to application security
Prashanth covers some simple, practical steps to improving your application security.
Prashanth B.P. | July 17, 2023
Privileged Access Management
Vince provides some guidance on implementing an effective privileged access management framework.
Vince Hardy | June 22, 2023
Understanding the intricacies of AAD sign in logs to detect MFA fatigue attacks
Phillip explains how MFA events are represented in AAD sign-in logs, explores a few different approaches threat actors may take to exploit MFA and proposes a Sentinel query to help with detection.
Phillip Roberts | May 24, 2023
Analysis of recent ransomware incident targeting users via fake Google Chrome update
Phillip and Soorya from Fortian's SOC get into the finer details of some recent malware.
Phillip Roberts & Kumar Soorya | August 26, 2022
Why the human element of cybercrime gets overlooked
Andrew examines the importance of the human element in cybersecurity.
Andrew Bycroft | February 25, 2022
What is cyber security?
Andrew looks at the origins of one of the key terms in our industry, and questions whether it's really the one we should be using.
Andrew Bycroft | October 5, 2021
Application threat modelling
Prashanth gives an overview of threat modelling and the application of a secure-by-design principle to software development.
Prashanth B.P. | August 23, 2021
An introduction to Open ID Connect (OIDC)
Practical guidance for working with OIDC.
Michael Pearn | August 13, 2021
Cloud to Cloud User and Group Provisioning: A Case Study comparing Azure and Okta
Michael provides a real-world comparison of provisioning to Google Workspace using two of the most common cloud identity management platforms.
Michael Pearn | July 29, 2021
Quick and easy attack surface reduction - 2020 style
A couple of years down the track, Jason revisits attack surface reduction and explores a different approach using an AWS application load balancer and OIDC.
Jason Wood | August 18, 2020
Securing access to your Imperva cloud WAF with Okta
Having set up a basic WAF configuration, Adrian now steps through enabling SAML (and MFA) for WAF administration.
Adrian Bole | June 06, 2020
Protecting your website with Imperva Cloud WAF
Adrian provides the first of two posts discussing the configuration of Imperva Cloud WAF.
Adrian Bole | May 11, 2020
DNS security (part 1)
Reece talks about some of the security challenges with DNS.
Reece Payne | November 23, 2019
Fortian CyberCon 2019 challenge reflection (Part 2)
The second of Jake's posts on how he built the Fortian technical challenge for CyberCon 2019.
Jake Astles | October 27, 2019
Fortian CyberCon 2019 challenge reflection (Part 1)
Jake gives us the first of two posts on how he built the Fortian technical challenge for CyberCon 2019.
Jake Astles | October 16, 2019
The value of security architecture
Chiko revisits the basics of security architecture: what is it, why do we do it and what are the benefits?
Chikonga Maimbo | August 1, 2019
Information wants to be free
Simon provides an update on some work we've been doing on Open Banking and the Consumer Data Right.
Simon Ellis | July 18, 2019
Don't trust those crafty users
Reece gets into the challenges of actually having users use your web application.
Reece Payne | November 23, 2018
AISA CyberCon 2018
Marcus gives a bit of information about our attendance at this year's CyberCon.
Marcus Wong | Oct 09, 2018
Apache reverse proxy with SAML and Azure AD
Jason walks through setting up a quick and easy reverse proxy authenticating using SAML.
Jason Wood | June 29, 2018
Getting logs out of Azure AD
Reece shows you how to get some interesting logging info out of Azure AD.
Reece Payne | June 12, 2018
Security, privacy and the 2018 budget
Marcus provides a brief update on information relevant to cyber security in the 2018 federal budget.
Marcus Wong | May 11, 2018