Over the past few months we have been moving projects over to GitLab. For the most part this process has been pretty smooth. Of course, no tool is going to have everything you need to completely transition, nor be an immediate replacement for a workflow you are used to. However, I will say that GitLab’s APIs have made it pretty easy.

The first order of business was to migrate out of Jira, which I scripted and wrote up in this article. …

Where I work, the Product Management team has chosen Aha! as their planning tool. Once PM has their high-level product plan in place, the engineering team comes in, reviews the high-level plans, asks questions and then works to scope out the effort required.

This all works OK and is nice and interactive. Where things get painful is getting that work into GitLab, the system the engineering team uses to actually do the work defined by PM. This is where we hit a huge roadblock the first time we used Aha!

What is Aha! and How We Used It

Aha! is, according to…

In a previous article I described a Slack App that I wrote as a proof of concept to prove the value of Slack. This app was developed at the request of my manager, who told me to show executive management how we can automate some of our workflows as well as help our customers engage with our services in a better way. In the other article I wrote about interacting with MISP and VirusTotal; while these are likely more useful from an analyst’s perspective, they have been done before.

The next interaction I wanted to add was the ability…

The company where I work is the result of 3 different software companies merging into one over a two-year period. Each organization had its own processes, procedures and toolchains, which caused some challenges and inefficiencies. The decision was made to standardize our engineering toolchain across all of the product lines.

After a trial of a few different solutions out there, it was decided that we would migrate everything to GitLab.

GitLab has really invested in CI/CD and it shows; being able to have a single solution for the entire development lifecycle will streamline our…

Using Slack to query VirusTotal and MISP

At work I was tasked with making a case for switching from MS Teams to Slack. Having used Slack in the past at a previous company, I welcomed the challenge. Little did I know that making this case would require me to develop a Slack bot to showcase some integration use cases, so the executive team could see the value rather than just hear me talk about it.

I took two approaches to this challenge. First, I created some abilities for customers to query the bot to see things that might interest them, such as current tickets they have open…

I recently stood up a MISP instance in the lab to gather some Open Source Intelligence (OSINT). The goal of this exercise is to enrich data going into my Elastic Stack in order to identify when machines are talking to known bad actors or running known malicious executables.

I run Elastic Stack via Docker; it is a small instance, nothing fancy. You can read more about it in the article I wrote, Ubiquiti Unifi logs in Elastic Stack. However, the below should work for any Elastic Stack as long as you have Logstash running.

Giving credit where credit is due…

Logpoint Firewall Dashboard

LogPoint SIEM

Logpoint SIEM, depending on where you are reading this article, might be a tool you have never heard of. They are a Visionary in the Gartner MQ but not very well known in North America. LogPoint is headquartered in Denmark and has focused primarily on the European market.

Overall the SIEM has a lot of features, but like most security tools the documentation is lacking, in my opinion. Make sure you get access to the online documentation; otherwise the PDFs are not all that useful. …

Firewall Traffic Map

Having a background in cybersecurity, and specifically SIEM, I enjoy testing out different solutions for my home network. Having cut my teeth on a proprietary SIEM called Intellitactics back in the day, I have a very good understanding of the technology and have always loved it. Things have certainly changed since I used to fly around doing installs.

I routinely install and use different logging and SIEM platforms; this time it is the Elastic Stack. The driver for this was that I wanted to try out the SIEM functionality that Elastic has added to the free/basic license.

My Home Network

At home…
