Fred Rohrer's Blog

As an AI enthusiast and software developer, I've been closely following the rapid advancements in artificial intelligence and its potential impact on the world of computing. One concept that particularly excites me is what I call "just-in-time coding" – a future where code is generated on-demand, based on the

As a data scientist, I recently worked on a project where I needed to build a binary classifier to analyze Splunk logs. I decided to use Keras, a powerful and user-friendly deep learning library, to tackle this task. Here's how I went about creating a simple binary classifier in Keras

Injection: Injection vulnerabilities occur when untrusted data is sent to an interpreter as part of a command or query. To test for injection vulnerabilities using Python, you can use the requests library to send payloads and analyze the responses. Here's an example script to test for SQL injection: import requests

As a seasoned IT professional, I cannot stress enough the importance of a robust identity management program in maintaining business continuity. In today's digital landscape, where cyber threats loom large and data breaches can cripple organizations, implementing a comprehensive identity management solution is no longer a luxury but a necessity.

The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework has become an essential tool for organizations looking to strengthen their cybersecurity posture. This comprehensive matrix provides a structured approach to understanding and defending against the various tactics, techniques, and procedures (TTPs) employed by adversaries. By mapping out

Introduction Web security is a critical concern for organizations of all sizes. The Open Web Application Security Project (OWASP) provides a comprehensive framework for assessing and mitigating web application security risks. The OWASP Risk Rating Methodology is a key component of this framework, enabling security professionals to prioritize and address

In today's cybersecurity landscape, effective detection rules are crucial for identifying and mitigating potential threats. Syslog, a standard protocol for logging system events, can be leveraged to create powerful detection rules. By ingesting these rules into Splunk, a leading security information and event management (SIEM) platform, organizations can enhance their

This post is about log monitoring basics, including log deployment and tuning.

In this post, I will be discussing how security automation can benefit from the advanced language understanding capabilities of GPT-3. By integrating GPT-3 into XSOAR, security teams can leverage the power of natural language processing to improve the efficiency and effectiveness of their incident response processes. I will be walking

Home automation is just the greatest thing ever, isn't it? Because who doesn't love the idea of being able to control their entire house with the swipe of a finger on a tiny screen? I mean, why bother actually getting up and flipping a light switch when you can just

Starting to plan out a Cybersecurity program for your company can be a challenging task, but in many ways the steps to take have more benefits than just increased security. Introduction Cybersecurity programs are categorized into people, technology and process. People refer to the employees, contractors, and other individuals who

What is the MITRE ATT&CK Framework and how did it come to be? SummaryThe MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework is a comprehensive knowledge base of adversarial tactics and techniques based on real-world observations. It is designed to help organizations understand the tactics,

Small business and non-profits often overlook the dangers of cyber-attacks to their organization but small business is just as likely to be hacked as big business, and the fallout of a breach could be more damaging.