Security

Use Grafana Alloy with SigLens

24.07.2025·844 words·4 mins· loading · loading

English Logging Security Expert

Until now I used vector.dev as my workhorse to collect logs and metrics from systems and deliver them to SigLens. In the mean time there is a new kid on the block: Grafana Alloy. In this article I will show you how you connect Grafana Alloy to your SigLens instance.

Phishing detection with LLM

16.01.2025·696 words·4 mins· loading · loading

English AI LLM LMM Security Expert

In a recent project I tried to automate the phishing handling process. So if an email is reported as suspicious from end user the email is sent to a sandbox for a verdict and guess what: The sandbox mostly comes to the conclusion that the email is safe. But: IT IS NOT!

Use Prometheus Node Exporter with SigLens and Vector.dev

15.05.2024·983 words·5 mins· loading · loading

English Logging Security Expert

Some days ago I discovered SigLens the first time and wrote a blog post about feeding logs into it with the help of Vector.dev. SigLens does not only provide fast log management - no; it also supports metrics. In this article I show you how to setup ingestion of metrics from Prometheus Node Exporters.

Enterprise Attack Surface Management (EASM) - Summary

14.05.2024·808 words·4 mins· loading · loading

English EASM Security Azure Beginner

Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to disover the tool and the possibilities. This is part 3 of this series and covers my conclusions.

Fast log management with SigLens and Vector.dev

13.05.2024·2873 words·14 mins· loading · loading

English Logging Security Expert

A new star is born and my new personal favorite if you have to deal with logs: The Log Management solution from https://siglens.com/ together with https://vector.dev/ for log ingestion. This article describes the basic setup and the state of the project per may 2024.

Enterprise Attack Surface Management (EASM) - Tuning

09.05.2024·887 words·5 mins· loading · loading

English EASM Security Azure Beginner

Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to disover the tool and the possibilities. This is part 2 of this series and covers tuning..

Enterprise Attack Surface Management (EASM) - Activation and a first look

02.05.2024·1041 words·5 mins· loading · loading

English EASM Security Azure Beginner

Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to disover the tool and the possibilities. This is part 1 of an upcoming series.

Azure Batch and how to avoid misuse

23.04.2024·2149 words·11 mins· loading · loading

English Azure Azure Batch Azure RBAC Security Expert

Azure Batch is quite powerful tool if you want to scale compute intensive tasks in your environment due it lets you manage scaled workload in Azure. This article will present counter measure to reduce the risk of misuse.

Open port to Custom VM in Oracle Cloud

21.02.2023·743 words·4 mins· loading · loading

English Oracle Cloud Security Tipps

Oracle is a nice cloud provider which provides some resources for free. That’s perfect if you want to experiment with some web services. But unfortunatly accessing them is not an easy task if you are a beginner in this environment. I will show you what you have to do to get access to your VM (beside of SSH).