think we may be past peak 'don't need firewalls', its been more than a year since the last such bleating occured

Happy diwali

My approach to pentesting internal active directory environments is maybe a bit different than some. I don't start out by using Kali or Netexec or Impacket. No malware haha😝 Would love to have a big turnout on Thursday 10/23 10am Mountain on the PDQ live stream. Come with

Yeah looks about right

Based on some recent posts about VA scanners, probably worth a repost of this one … seven-stones.biz/blog/what-is-y…

Use of the word 'catalyst' in a self-promoted Linkedin title, e.g. AI Catalyst. Not sure which i prefer: 'Singularity' or 'Catalyst'?

There’s this cyber world of knob eds who invent their own complexities within a capability eg SIEM , to get attention and there’s actually folks who will pay them for that. SIEM is simple. Stop the new acronyms and your other stupid ass fake intellectual capital development

At @ncsc we have been running cyber deception experiments across 121 organisations from across the UK.. .. the team have just shared our insights .. ncsc.gov.uk/blog-post/cybe…

Yuletide felicitations

Did actually witness this sentence in a SIEM Engineer open position ad …’•Syslog experience and/or strong Linux skills’…. Not a bad start to 2026.

You can’t secure what you can’t see. Netdelta discovered shadow IT inside an Azure tenant, helping reduce hidden risk and improve cloud visibility. #Azure #CloudSecurity netdelta.io

I guess this explains why Windows 11 is so full of shit

a smorgasbord of OpenSSL vulns to kick off 2026 ... openssl-library.org/news/vulnerabi…

Out of 1000s of posts covering how SOCs are going to be LLM driven, none cover nasty eg. Syslog technical. Some talk about the tool being to 'understand the environment'!! Nope. That is not happening in any automated way any time soon. And if it doesn't happen, there is no SOC.

LEGENDARY!!!!!

It's only Finland that has any interest in netdelta.io so far. Why is that? You don't want alerts for open ports visibility changes?

The infosec world has had 20 years to establish what a 'security engineer' is and has completely failed. It's time to drop the role completely.

if you're going to attempt a BS response to SDLC questions, at least know what the acronym stands for. Juusst a suggestion.

SOC MSSPs are under considerable threat from AI. This is because the vast majority implemented generic SIEM use cases and nothing else. This makes them easily replaceable.