The Coalfire Blog

Welcome to the Coalfire Blog, a resource covering the most important issues in IT security and compliance. You'll also find information on Coalfire's insights into the unique cybersecurity issues that impact the industries we serve, including Cloud Service Providers, RetailFinancial Services, Healthcare, Higher Education, Payments, Government.

The Coalfire blog is written by the company's leadership team and our highly-credentialed security assessment experts.


  • Pro Tip: The Right Way to Test JSON Parameters with Burp

    Dan McInerney, Senior Security Consultant, Coalfire

    Here’s a Burp trick you might not know, which helped find this instance of command execution and lots of SQL injection in other applications. Despite PortSwigger claiming otherwise, Burp does not parse JSON very well, especially nested JSON parameters and values like you see below.

    Read more
  • Cloud Security Governance - Optimizing the Business Benefits of Security in the Cloud

    Michael Addo-Yobo, Managing Principal, Cyber Risk Advisory, Coalfire

    Enterprises are increasingly pursuing the business advantages of migrating technology platforms and services into the cloud environment leveraging one or more of the three main cloud service areas – Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). These advantages include but are not limited to rapid information system deployment, significantly reduced operating costs, massive economies of scale, processing speed, and agility. However, subscription to these services often imply security and compliance challenges for enterprises who are often unprepared to resolve them.

    Read more
  • Managing Your Vulnerabilities, FedRAMP Style

    Dana Scaffido, Senior Consultant, Cyber Engineering, Coalfire

    As a member of Coalfire’s Cyber Engineering team, I frequently get questions about vulnerability Deviation Requests (DRs) from Cloud Service Providers (CSPs) seeking Federal Risk and Authorization Management Program (FedRAMP) authorizations. In this post, I’ll try to answer questions we frequently encounter about Deviation Requests and provide some useful resource links.

    Read more
  • Scripted Inputs and Splunk

    Josh Porto, Senior Consultant, Cyber Engineering, Coalfire

    Splunk is an extremely versatile tool when dealing with data:

    - Monitor files?  Check!

    - Listen in on an open port?  Check!

    - Monitor the file system? Performance monitor?  HTTP Event Collector?

    - Check, check aaaaand check!

    But what if the data you want to ingest does not have a method listed above? Say, something like a database or a security tool’s API? Scripted inputs are the solution! Splunk can even employ a variety of scripts to include (but not limited to) PowerShell, shell scripts, and Python.  Besides working around data sources, which do not use log files and cannot send via TCP or UDP, the advantages abound and include:

    Read more
  • Forensically Imaging a Microsoft Surface Pro 4

    Robert Meekins, Director, Forensics, Coalfire

    Working on digital forensics can sometimes create some challenging situations. Recently, we received a couple of Microsoft Surface Pro tablets to image and analyze. Having conducted forensics for a while, I realized that, depending on the version, imaging this tablet could be a challenge. Some setbacks normally associated with Surface tablets include not being able to remove the hard drive, the inability to place the device in target mode, and the hardware being very finicky about what OS can and cannot boot. Ultimately, the challenge comes down to having to use the tablet itself to perform the image, and the only option for input is a single USB port.

    Read more
  • Displaying results 146-150 (of 154)
     |<  <  22 - 23 - 24 - 25 - 26 - 27 - 28 - 29 - 30 - 31  >  >| 

Recent Posts

Post Topics

Archives

Tags

Top