Veracode
Veracode Security Labs Demo
22.09.2020 We at Mint Security wanted to have a look at… We scanned Koronavilkku – these are our findings 30.06.2020 Developers are, in effect, the
Thomas
18.12.2020
samm
OWASP SAMM v2 – What’s new
Over the last 10+ years, OWASP SAMM has proven an effective model for improving secure software practices to a wide variety of organizations. Release v2 of SAMM adds automation along with maturity measurements which assess both coverage and quality. Here we look at some the new features and changes compared to the previous version.
Saku Tuominen
11.12.2020
sdlc
We scanned Koronavilkku – these are our findings
We at Mint Security wanted to have a look at the Koronavilkku application and pitch in. The application proved to be of very high quality securitywise. There were no significant security findings.
Thomas
22.09.2020
Security Testing
Red Teaming and Recon
Recon and red teaming can be done separately, but they also work hand in hand. It may be a good idea for a company to do a thorough recon to understand the adversaries view on the organization – and this not only in the technical sense.
Thomas
06.07.2020
Veracode
Veracode Security Labs
Developers are, in effect, the only people in any organization who can fix vulnerabilities hidden in their applications. Veracode Security Labs helps meet the requirements of security standards while providing a meaningful way for the entire development team to learn more.
Saku Tuominen
30.06.2020
Holm Security
Holm Security VMP and ISO 27001
How much common ground is shared between technical vulnerability scanners and the de facto global information security standard? Quite a lot, actually. In this blog post we examine how Holm Security VMP platform meets ISO 27001 requirements for detecting vulnerabilities in an organization’s information systems, assessing the involved risks and taking corrective actions.
Saku Tuominen
24.06.2020
Splunk
Installing Splunk with Ansible
Managing a Splunk installation can be a complex task, but with proper tools and processes, it will become a lot more approachable. Recently, a customer wanted to have a Splunk environment that they could install and manage with Ansible. So that is what we created.
Teemu
25.05.2020
isms
First steps of an ISMS project
Planning for an industry standard compliant information security management system — in brief: carrying out an ISO 27001 project — can break cover from various starting points. Some organizations have already familiarized themselves with the standard, some have even written the first mandatory documents. Yet for many, this article could be the first contact with any form of security work at all.
Thomas
16.03.2020
Spamhaus
Spamhaus Botnet Threat Report 2019 – A comprehensive overview how criminal botnets work
Researchers at Spamhaus Malware Labs identified and blocked 17,602 botnet C&C servers hosted on 1,210 different networks. That is an enormous 71.5% increase from the number of botnet C&Cs seen in 2018. Since 2017, the number of newly detected botnet C&Cs has almost doubled from 9,500 to 17,602.
Tapio Särkelä
16.03.2020
alphasoc
Different AlphaSOC deployment options
“The cloud!” somebody shouts out loud. “This means my data is sent to the cloud – my precious telemetry data that in the hands of the bad guys could reveal too much about myself!”. This is correct. And for the sake of transparency, let’s have a look at what actually goes on behind the scenes.
Thomas
06.01.2020
siem
Mint Splunk Consulting Services
Mint Security tarjoaa Splunkia käyttäville erilaisia lisäarvollisia Splunk konsultointipalveluita jolla saadaan omasta ympäristöstä kaikki irti – turvallisesti.
Thomas
13.08.2019
alphasoc
Automating the Hunt
Through Network Behavior Analytics for Splunk and our native integrations for Demisto and Graylog, we instantly enrich network indicators (FQDNs, URLs, and IP addresses) to provide security teams with hunting material.
Chris McNab
27.06.2019
Veracode
Integrating Travis CI with Veracode
This blog post will show you how to integrate Travis CI and Veracode. Travis is a cloud based continuous integration (ci) service, that can be used to automate tests and builds for software projects hosted in GitHub.
Teemu
13.05.2019
siem
Scaling and managing Splunk Enterprise Installation
Clustered Splunk Enterprise installations are mainly managed by the related management nodes. Indexer Cluster with the Cluster Master and Search Head Cluster with the Search Head Cluster Deployer. Without an additional process of change management, there is no way to easily track down what has been changed, by who and when.
Teemu
07.05.2019
siem
Splunk delivery models
Mint Security has a set of predefined delivery models to choose from. These are based on best practices and experience.
Thomas
25.03.2019
Audit
What is pentesting?
A common tool used to assess the security of a web application is penetration testing. Known also as pentest. Pentest is a “legal” simulated attack that seeks to use an application in a way that could be harmful to either the system, the data in the system, or the people who use the system.
Thomas
23.03.2019
siem
Splunk Enterprise Architectural Decisions
So, you’ve got your Splunk Enterprise up and running and collecting data from some of your systems. A few dashboards have been created too and life is good. But perhaps, there could be more .
Teemu
04.03.2019
sdlc
Verified by Veracode
Prove your company’s secure software development practices with Veracode Verified. Implementing this program helps you make security part of your competitive advantage, easily defend your AppSec budget, and better integrate security with development.
Thomas
03.03.2019
Spamhaus
Botnet command & control domain registrations go through the roof in 2018
When Spamhaus Malware Labs observe a 100% increase in the number of domains that are being registered by cybercriminals to host a botnet command & control (C&C) it’s time to stop. Cybercriminals prefer to use a domain name registered exclusively to host a botnet C&C
Thomas
22.02.2019
siem
Minted by Splunk
Mint Security is a Splunk partner and a license reseller. In addition, Mint Security provides a vast range of überconsulting for Splunk. From a single server to clustered multisite setups with integrated SSO and 2FA.
Thomas
22.02.2019
sdlc
Understanding your open source risk
As the use of open source code in development projects continues to grow exponentially, software development teams must take great pains to address open source risk.
Thomas
20.02.2019
siem
Getting started with Splunk Enterprise
Splunk Enterprise is known as a de-facto do-it-all log collector, that in reality is fairly easy to start with, but can be complex to master.
Teemu
02.02.2019
tweaks
Sanitation adds an extra layer of security to the use of USB storage devices
CIRCLean is a independent open source software built on the Raspberry PI. It transfers files from untrusted to trusted USB sticks. CIRClean adds a ‘.DANGEROUS’ filename extension to all suspicious files.
Saku Tuominen
16.10.2018
hardening
A few good technical practices when publishing services on the internet
This post is not a technical silver bullet. Nor is it the absolute truth. As a starting point though it is good. It adheres to common sense, is based on risk analysis – and provides good value for the effort.
Thomas
17.10.2017
secdevops
A technical rant about the different E’s in SSL/TLS
The main points in this post are about the different E’s (elliptic and ephemeral) as well as EC in the key exchange and the certificate signature algorithms.
Thomas
05.06.2015
