Blog

Veracode Security Labs - user management
Veracode
Saku Tuominen

Veracode Security Labs

Developers are, in effect, the only people in any organization who can fix vulnerabilities hidden in their applications. Veracode Security Labs helps meet the requirements of security standards while providing a meaningful way for the entire development team to learn more.

Holm Security - Latest Scans
Holm Security
Saku Tuominen

Holm Security VMP and ISO 27001

How much common ground is shared between technical vulnerability scanners and the de facto global information security standard? Quite a lot, actually. In this blog post we examine how Holm Security VMP platform meets ISO 27001 requirements for detecting vulnerabilities in an organization’s information systems, assessing the involved risks and taking corrective actions.

Splunk & Ansible
Splunk
Teemu Turpeinen

Installing Splunk with Ansible

Managing a Splunk installation can be a complex task, but with proper tools and processes, it will become a lot more approachable. Recently, a customer wanted to have a Splunk environment that they could install and manage with Ansible. So that is what we created.

AlphaSOC - running an on-prem AE server
alphasoc
Thomas

Different AlphaSOC deployment options

“The cloud!” somebody shouts out loud. “This means my data is sent to the cloud – my precious telemetry data that in the hands of the bad guys could reveal too much about myself!”. This is correct. And for the sake of transparency, let’s have a look at what actually goes on behind the scenes.

Mint Splunk Consulting Services
siem
Thomas

Mint Splunk Consulting Services

Mint Security tarjoaa Splunkia käyttäville erilaisia lisäarvollisia Splunk konsultointipalveluita jolla saadaan omasta ympäristöstä kaikki irti – turvallisesti.

alphasoc
Chris McNab

Automating the Hunt

Through Network Behavior Analytics for Splunk and our native integrations for Demisto and Graylog, we instantly enrich network indicators (FQDNs, URLs, and IP addresses) to provide security teams with hunting material.

Veracode and Travis CI
Veracode
Teemu Turpeinen

Integrating Travis CI with Veracode

This blog post will show you how to integrate Travis CI and Veracode. Travis is a cloud based continuous integration (ci) service, that can be used to automate tests and builds for software projects hosted in GitHub.

Splunk header
siem
Teemu Turpeinen

Scaling and managing Splunk Enterprise Installation

Clustered Splunk Enterprise installations are mainly managed by the related management nodes. Indexer Cluster with the Cluster Master and Search Head Cluster with the Search Head Cluster Deployer. Without an additional process of change management, there is no way to easily track down what has been changed, by who and when.

Splunk Hardened Delivery
siem
Thomas

Splunk delivery models

Mint Security has a set of predefined delivery models to choose from. These are based on best practices and experience.

OWASP Top-10 Application Risk
Audit
Thomas

What is pentesting?

A common tool used to assess the security of a web application is penetration testing. Known also as pentest. Pentest is a “legal” simulated attack that seeks to use an application in a way that could be harmful to either the system, the data in the system, or the people who use the system.

siem
Teemu Turpeinen

Splunk Enterprise Architectural Decisions

So, you’ve got your Splunk Enterprise up and running and collecting data from some of your systems. A few dashboards have been created too and life is good. But perhaps, there could be more .

Verified by Veracode
sdlc
Thomas

Verified by Veracode

Prove your company’s secure software development practices with Veracode Verified. Implementing this program helps you make security part of your competitive advantage, easily defend your AppSec budget, and better integrate security with development.

Splunk header
siem
Thomas

Minted by Splunk

Mint Security provides a vast range of überconsulting for Splunk. From a single server to clustered multisite setups with integrated SSO and 2FA.

Veracode open source risk
sdlc
Thomas

Understanding your open source risk

As the use of open source code in development projects continues to grow exponentially, software development teams must take great pains to address open source risk.

siem
Teemu Turpeinen

Getting started with Splunk Enterprise

Splunk Enterprise is known as a de-facto do-it-all log collector, that in reality is fairly easy to start with, but can be complex to master.

contact us

Please do contact us. We most likely respond faster than you thought,