Security Musings

Things our people say

Building Temporal Correlations in Threat Hunts

An outline of several time-based techniques which can be used to strengthen uncertain threat hunting results.

James Fox | Feb 29, 2024

Threat actor bypassing location-based conditional access controls via dynamic AiTM infrastructure

Fortian would like to disclose information regarding a novel adversary-in-the-middle campaign that bypasses location-based conditional access controls via dynamically routed proxy servers.

Phillip Roberts & James Fox | Oct 6, 2023

A credential harvester that's actually interesting!

Phillip and Sho came across something a bit interesting when analyzing a credential harvesting attack.

Phillip Roberts & Sho Yamamoto | Sep 4, 2023

Fortian winter internship

Cooper gives an overview of his month at Fortian as part of our internship program.

Cooper Eldridge | August 3, 2023

Return of Those Guys

Reece is a security consultant, pen tester, appsec guy, SOC supporter and perhaps most importantly one of Those Guys. In this post he provides a write-up of their activities against a retired HackTheBox (HTB) capture the flag called "Precious".

Reece Payne | July 24, 2023

A practical approach to application security

Prashanth covers some simple, practical steps to improving your application security.

Prashanth B.P. | July 17, 2023

Privileged Access Management

Vince provides some guidance on implementing an effective privileged access management framework.

Vince Hardy | June 22, 2023

Understanding the intricacies of AAD sign-in logs to detect MFA fatigue attacks

Phillip explains how MFA events are represented in AAD sign-in logs, explores a few different approaches threat actors may take to exploit MFA and proposes a Sentinel query to help with detection.

Phillip Roberts | May 24, 2023

Analysis of recent ransomware incident targeting users via fake Google Chrome update

Phillip and Soorya from Fortian's SOC get into the finer details of some recent malware.

Phillip Roberts & Kumar Soorya | August 26, 2022

Why the human element of cybercrime gets overlooked

Andrew examines the importance of the human element in cybersecurity.

Andrew Bycroft | February 25, 2022

What is cyber security?

Andrew looks at the origins of one of the key terms in our industry, and questions whether it's really the one we should be using.

Andrew Bycroft | October 5, 2021

Application threat modelling

Prashanth gives an overview of threat modelling and the application of a secure-by-design principle to software development.

Prashanth B.P. | August 23, 2021

An introduction to OpenID Connect (OIDC)

Practical guidance for working with OIDC.

Michael Pearn | August 13, 2021

Cloud to Cloud User and Group Provisioning: A Case Study comparing Azure and Okta

Michael provides a real-world comparison of provisioning to Google Workspace using two of the most common cloud identity management platforms.

Michael Pearn | July 29, 2021

Quick and easy attack surface reduction - 2020 style

A couple of years down the track, Jason revisits attack surface reduction and explores a different approach using an AWS application load balancer and OIDC.

Jason Wood | August 18, 2020

Securing access to your Imperva cloud WAF with Okta

Having set up a basic WAF configuration, Adrian now steps through enabling SAML (and MFA) for WAF administration.

Adrian Bole | June 06, 2020

Protecting your website with Imperva Cloud WAF

Adrian provides the first of two posts discussing the configuration of Imperva Cloud WAF.

Adrian Bole | May 11, 2020

DNS security (part 1)

Reece talks about some of the security challenges with DNS.

Reece Payne | November 23, 2019

Fortian CyberCon 2019 challenge reflection (Part 2)

The second of Jake's posts on how he built the Fortian technical challenge for CyberCon 2019.

Jake Astles | October 27, 2019

Fortian CyberCon 2019 challenge reflection (Part 1)

Jake gives us the first of two posts on how he built the Fortian technical challenge for CyberCon 2019.

Jake Astles | October 16, 2019

The value of security architecture

Chiko revisits the basics of security architecture: what is it, why do we do it and what are the benefits?

Chikonga Maimbo | August 1, 2019

Information wants to be free

Simon provides an update on some work we've been doing on Open Banking and the Consumer Data Right.

Simon Ellis | July 18, 2019

Don't trust those crafty users

Reece gets into the challenges of actually having users use your web application.

Reece Payne | November 23, 2018

AISA CyberCon 2018

Marcus gives a bit of information about our attendance at this year's CyberCon.

Marcus Wong | Oct 09, 2018

Apache reverse proxy with SAML and Azure AD

Jason walks through setting up a quick and easy reverse proxy authenticating using SAML.

Jason Wood | June 29, 2018

Getting logs out of Azure AD

Reece shows you how to get some interesting logging info out of Azure AD.

Reece Payne | June 12, 2018

Security, privacy and the 2018 budget

Marcus provides a brief update on information relevant to cyber security in the 2018 federal budget.

Marcus Wong | May 11, 2018