Lessons Learned from Improving Transport Layer Security (TLS) at Adobe
Transport Layer Security (TLS) is the foundation of security on the internet. As our team evolved from a primarily consultative role to solve problems for the entire company, we chose TLS as one of the...
OWASP, IR, ML, and Internal Bug Bounties
A few weeks ago, I traveled to the OWASP Summit located just outside of London. The OWASP Summit is not a conference. It is a remote offsite event for OWASP leaders and the community to brainstorm on...
Leveraging Security Headers for Better Web App Security
Modern browsers support quite a few HTTP headers that provide an additional layer in any defense-in-depth strategy. If present in an HTTP response, these headers enable compatible browsers to enforce...
How Adobe Helps Protect You from Email Phishing
Email has always been a tool of choice for cybercriminals. By capitalizing on an established company’s brand reputation, they can send emails with malicious intent (links, attachments, phishing, etc.) and...
Adobe & Splunk CTF Competition
A hallmark of an engaged team is continuous learning and improvement. And this is no different for a SOC (Security Operations Center) team. We believe that readiness is a key aspect of learning and...
The OSCP Gauntlet
As a developer who works mainly on the defensive side of the software security battle, it’s easy to lose sight of the difference in complexity between defending and attacking a system. When you have a...
Better Security Hygiene for Containers
“Containers do not always contain.” Without proper hygiene, containers may not always keep their contents constrained and secure. This is sometimes the unfortunate but fundamental truth of containers....
Help Avoid DNS Takeovers
A significant portion of cloud services are coupled with a domain name service (DNS) component. The lifecycle of these cloud services, unfortunately, can sometimes exclude an enforcement of...
Using Machine Learning to Detect Command Line Anomalies
NOTE: This post discusses patent-pending technologies. Cybersecurity is often a game of cat and mouse – attackers are constantly trying to outsmart defenders. Attackers are keen to try and bypass...
Mapping Your Networks with Marinus
Many of my recent talks on automation strategies have referred to a tool called “Marinus.” The tool is designed to help solve the challenges large organizations face in having an accurate view of their...
Adobe Supports OpenID RISC Integration with Google Social Authentication
Today is Safer Internet Day, and the slogan is, “together for a better Internet,” calling for stakeholders to join forces and help create a safer Internet. Thus, we wanted to share the details on our...
Digital Forensics and Incident Response Using OSQuery
Understanding the anatomy of a potential incident can be one of the most challenging tasks that an incident response team faces, especially in the increasingly complex, cloud computing environments...
Using User Behavior Analytics to Detect Authentication Anomalies
You may think detecting user authentication anomalies is as simple as identifying a red egg in a carton of white ones, but it’s nowhere near that easy. On the other hand, it’s not impossible,...
Automating the Common Controls Framework
Over the past several years, the Adobe Technology Governance Risk and Compliance (GRC) team has developed and implemented the Common Controls Framework (CCF). The CCF helps various cloud products,...
Automating Secure Firewall Change Requests
As many companies transform to multi-cloud environments, managing firewall changes at the speed of development teams can be challenging. Teams across Adobe are constantly evolving cloud services to...
Introducing Tripod: an Open Source Machine Learning Tool
Machine learning (ML) and artificial intelligence (AI) are becoming very useful technologies in cybersecurity. However, before you can model, validate, and visualize security data that will actually be...
Rethinking Threat Intelligence with the LEAD Framework
Threat intelligence has been a key component of our detection process for many years. We created the LEAD threat intelligence framework to help security personnel make sense of the threat intelligence...
Mapping Your Way Through Application Security Obstacles
As a security researcher, it is always important to stay current and explore new technologies. Graph databases have been around for a while, but I never had a use case to dive into them until...
Using Machine Learning to More Quickly Evaluate the Threat Level of External...
Most antivirus (AV) software is designed for home/personal use. It can cover common scenarios. However, corporate networks must deal with preventing potential targeted attacks. These “attacks” are...
Leveraging Graphs to Improve Security Automation and Analysis
In my last blog, I gave the background for a research project where I am using graph databases to create graphs of application metadata to improve the efficiency of security automation. In this blog,...