Last week I ran into a question that stuck with me: “Why does SIEM feel like it’s fighting against us instead of helping us?” It’s a fair question. Too many organisations jump into SIEM implementation assuming they’ll flip a switch and suddenly have perfect visibility. In my six years in the cybersecurity domain I have observed that most organisations approach SIEM deployment the wrong way. They are simply adopting fancy tools and partnering with fancy vend...| hugs4bugs
If you’ve been working with Terraform for a while, you’ve probably run into this frustrating situation: you need to pass a password or API token to a resource, but you don’t want that sensitive data sitting in your state file for everyone to see. Maybe you’ve tried creative workarounds with external data sources or complex scripting, but let’s be honest – it always felt like a hack. Well, good news! Terraform 1.11 introduces write-only arguments, and they’re about to change how ...| hugs4bugs
Let's understand the uncontrolled resource consumption vulnerability| hugs4bugs
Let's understand what Snyk Broker is and how it solves enterprise problems| hugs4bugs
Last month, something interesting happened in the DNS landscape that most security teams probably missed. DNS4EU went live in June 2025, marking Europe’s first serious attempt at building DNS infrastructure that doesn’t route through Silicon Valley. After spending time analyzing the technical implementation and testing the resolvers, here’s what security professionals need to know about this development. If you can’t read the text, I have an alternative for you as an audiobook. What DN...| hugs4bugs
In the ever-evolving landscape of cloud security, identifying and responding to threats swiftly is paramount. Amazon Detective makes it easy for a SOC analyst or security engineer to analyse, investigate, and do root cause analysis (RCA). Before jumping to the technical side, let’s understand the phases of a security incident investigation: 1. Triage – Figuring Out If There’s a Real Threat. Imagine getting an alert that something suspicious might be happening in your system. Your first step is to check ...| hugs4bugs
If you’re like me and have been wrestling with running LLMs locally for development, Docker just dropped something that might change your workflow completely. The new “Models” tab you see in Docker Desktop isn’t just another UI addition—it’s part of Docker Model Runner, a beta feature that’s currently shaking up how we work with AI models locally. What Exactly Is This Thing? Docker Model Runner makes it easier for developers to run AI models locally. No extra setup, no jumping b...| hugs4bugs
When it comes to a proactive approach to security, threat hunting comes into the picture, and being aware of IOCs (Indicators of Compromise) gives extra leverage to find malicious URLs, hashes and IPs, block them and take proper action. In this lab, I’m gonna build a homelab with an Elastic Cloud and Elastic SIEM deployment and generate IOCs with abuse.ch. Basic HLD. Steps to create a hosted deployment: Sign up to Elastic Cloud, Click on Add Deployment, Launching Deployment, Incoming Data Confirmation ...| hugs4bugs
Alright, let’s talk about making the internet a little safer when you get those “secure” padlocks in your browser. Imagine you’re trying to prove you own a house, and you only show the ID to one person. A sneaky bad guy could potentially trick that one person into thinking they’re you. That’s kind of what can happen with website security certificates, and a new project called Open Multi-Perspective Issuance Corroboration (MPIC) is trying to fix that. Think of it like this: when a ...| hugs4bugs
When it comes to system security, even small misconfigurations can open the door to cyberattacks. Tools like Wazuh, a Security Information and Event Management (SIEM) platform, help users perform audits to evaluate their system’s security posture. In this blog, we’ll walk you through understanding audit results and share actionable steps to secure your Unix-based system. Understanding Wazuh System Audit Scores A Wazuh audit generates a report that divides checks into three categories: Pas...| hugs4bugs
I have often seen people confuse the term “Trust Boundary” with “Attack Surface”, so let’s get it clear now in the context of a corporate network. What Are Trust Boundaries? Trust boundaries are the dividing lines that separate different zones within a system, each requiring specific security measures to protect sensitive data. Think of them as invisible fences within your digital landscape, ensuring that only authorized personnel can access certain areas. In a corporate network,...| hugs4bugs
Upgrading your Wazuh Docker deployment to the latest version ensures you benefit from the latest features, security patches and performance improvements. I have been using a single-node Wazuh Docker deployment for my home lab, so in this guide I’ll walk through the process of upgrading Wazuh from version 4.9.0 to v4.10.0 using Docker. Before upgrading, let’s ask this question: why upgrade Wazuh to v4.10.0? Enhanced Security: new security patches & upgrades. Improved Performance: Better...| hugs4bugs
Okay, in this blog I’m not gonna tell you about SIM swapping, OTP bypassing or hijacking; I’ll try to keep it as realistic as I can for laypeople. Before we jump into our main topic, let’s clear up a few terms: MFA == Multi-Factor Authentication, 2FA == Two-Factor Authentication. Now let’s understand the problem statement with the example of a person called “Sivolko”. Meet Sivolko, a software developer who relies heavily on various online accounts for both work and personal use....| hugs4bugs
Problem Statement: I have seen many professionals, especially those new to Azure, get confused between Log Analytics and Log Analytics Workspace during Microsoft Sentinel deployment. This confusion can lead to inefficient setups, increased costs, and a suboptimal security posture. As a security SME, I think it’s worth sharing my hands-on experience to avoid future confusion. Let’s break down these concepts to eliminate any ambiguity. Understanding Log Analytics: Log Analytics i...| hugs4bugs
Before we jump to our topic, let’s recall what Wazuh is. It’s a popular open source security monitoring platform. It’s a HIDS, aka host-based intrusion detection system. A HIDS monitors and analyzes the internals of a computing system rather than the network packets on its external interfaces. It focuses on detecting unauthorized access and malicious activities on individual hosts or devices. Wazuh has shifted to OpenSearch from Elasticsearch since ve...| hugs4bugs
If you’re a security professional, chances are you’re familiar with SIEM, aka Security Information and Event Management, used by SOC analysts and security engineers. In this homelab cybersecurity series I’m guiding you step by step through a single-node Wazuh deployment using Docker on a Kali machine. Before that, let’s understand Wazuh and its architecture:- Wazuh: Wazuh is an open source security platform with a unified XDR (Extended Detection and Response) and SIEM platform which protec...| hugs4bugs
Let’s understand a few terms before jumping to our main topic, viz. “Why do we need a new session for user authentication?” What’s a Session? In layman’s terms, a session is the term used to refer to a user’s time browsing a web application. It identifies the user to the app after they have logged in and is valid for a period of time. It holds activities like page rendering and events (e.g. like, share, comment) in session storage. A web session is the sequence of network HTTP request and response tran...| hugs4bugs
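The reason a fresh session id is needed at login is session fixation: if the id the browser held before authentication survives the login, anyone who planted that id owns the authenticated session. The following is an added Python example, not code from the original post; it uses a hypothetical in-memory session store (`SessionStore`) to play out the attack against a login that keeps the id and against one that rotates it.

```python
import secrets


class SessionStore:
    """Minimal in-memory session store standing in for a web framework's session layer."""

    def __init__(self):
        self._sessions = {}  # session id -> session data

    def new_session(self):
        """Issue an anonymous (pre-login) session with a random, unguessable id."""
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": None}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def login_keep_id(self, sid, user):
        """Vulnerable: authenticate the session but keep the id the browser already had.
        Whoever knows that id (an attacker who planted it) now owns the logged-in session."""
        self._sessions.setdefault(sid, {"user": None})["user"] = user
        return sid

    def login_rotate_id(self, sid, user):
        """Hardened: discard the pre-login session and bind the user to a fresh id,
        so any id fixed before authentication stops working."""
        self._sessions.pop(sid, None)
        new_sid = self.new_session()
        self._sessions[new_sid]["user"] = user
        return new_sid


def simulate_fixation(rotate):
    """Play out a session fixation attempt against one login strategy.

    Returns whether the attacker's planted id ended up authenticated and whether
    the victim still has a working logged-in session."""
    store = SessionStore()
    # 1. Attacker requests the site and receives a valid anonymous session id.
    planted_sid = store.new_session()
    # 2. Attacker plants that id in the victim's browser (crafted link, cookie injection,
    #    cookie set on a parent domain); the victim then logs in with it.
    login = store.login_rotate_id if rotate else store.login_keep_id
    victim_sid = login(planted_sid, "alice")
    # 3. Attacker presents the id they planted.
    attacker_session = store.get(planted_sid)
    return {
        "attacker_hijacked": attacker_session is not None and attacker_session["user"] == "alice",
        "victim_logged_in": store.get(victim_sid)["user"] == "alice",
    }


if __name__ == "__main__":
    print("no rotation  :", simulate_fixation(rotate=False))
    print("with rotation:", simulate_fixation(rotate=True))
```

Real frameworks expose this as a one-liner (for example `session.regenerate()` in express-session or `request.session.cycle_key()` in Django); the point of the toy store is to show why that call has to happen at the moment the session changes privilege level.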
MTTD (Mean Time To Detect) and MTTR (Mean Time To Respond/Remediate) are two crucial factors on the defensive side of cybersecurity. A major challenge for the blue team is resource burnout and manual investigation of repetitive tasks, which increase the average MTTR. Let’s understand a use case to orchestrate a security flow. Use case:- Automate the response to multiple login failure alerts. Workflow link:- Here we’ll use SOAR (Security Orchestration, Automation and Response) to automate multiple login f...| hugs4bugs
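The detection half of that use case, as an added Python example that is not part of the original post: a sliding-window count of failed logins per source IP over constructed sshd `auth.log` lines (sample data made up for this example; syslog timestamps carry no year, so `ASSUMED_YEAR` is an assumption), with the alert escalated when a successful login follows the burst. The `playbook_actions` step maps the alert to the response a SOAR playbook would run; the action names are hypothetical placeholders, not any product’s API.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample auth.log lines in sshd format (not real data).
SAMPLE_LOG = """\
Mar 10 10:00:00 bastion CRON[2000]: pam_unix(cron:session): session opened for user root
Mar 10 10:00:01 bastion sshd[2101]: Failed password for alice from 203.0.113.7 port 50001 ssh2
Mar 10 10:00:03 bastion sshd[2102]: Failed password for alice from 203.0.113.7 port 50002 ssh2
Mar 10 10:00:04 bastion sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 50003 ssh2
Mar 10 10:00:06 bastion sshd[2104]: Failed password for root from 203.0.113.7 port 50004 ssh2
Mar 10 10:00:08 bastion sshd[2105]: Failed password for alice from 203.0.113.7 port 50005 ssh2
Mar 10 10:00:09 bastion sshd[2106]: Failed password for alice from 203.0.113.7 port 50006 ssh2
Mar 10 10:00:12 bastion sshd[2107]: Accepted password for alice from 203.0.113.7 port 50007 ssh2
Mar 10 10:05:00 bastion sshd[2201]: Failed password for bob from 198.51.100.9 port 40001 ssh2
Mar 10 10:05:30 bastion sshd[2202]: Failed password for bob from 198.51.100.9 port 40002 ssh2
Mar 10 10:05:31 bastion sshd[2203]: Accepted password for bob from 198.51.100.9 port 40003 ssh2
"""
ASSUMED_YEAR = 2025  # syslog timestamps have no year; assumed for this example

AUTH_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<outcome>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+"
)


def parse_line(line):
    """Return a normalised auth event for sshd password outcomes, or None for other lines."""
    m = AUTH_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{ASSUMED_YEAR} {' '.join(m['ts'].split())}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "outcome": m["outcome"], "user": m["user"], "ip": m["ip"]}


def detect_bruteforce(log_text, threshold=5, window_seconds=60):
    """Sliding-window count of failed logins per source IP. One alert per IP once the
    threshold is crossed; a later successful login from that IP escalates the alert."""
    recent = defaultdict(deque)  # ip -> failures (ts, user) still inside the window
    alerts = {}                  # ip -> alert dict, updated in place
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is None:
            continue
        ip = ev["ip"]
        if ev["outcome"] == "Failed":
            q = recent[ip]
            q.append((ev["ts"], ev["user"]))
            while q and (ev["ts"] - q[0][0]).total_seconds() > window_seconds:
                q.popleft()  # drop failures that have aged out of the window
            if ip in alerts:
                alerts[ip]["failures"] += 1
                alerts[ip]["users"].add(ev["user"])
            elif len(q) >= threshold:
                alerts[ip] = {
                    "ip": ip,
                    "first_seen": q[0][0],
                    "failures": len(q),
                    "users": {u for _, u in q},
                    "followed_by_success": False,
                    "compromised_user": None,
                    "severity": "medium",
                }
        elif ip in alerts:  # Accepted after a burst of failures: likely a guessed password
            alerts[ip]["followed_by_success"] = True
            alerts[ip]["compromised_user"] = ev["user"]
            alerts[ip]["severity"] = "high"
    return list(alerts.values())


def playbook_actions(alert):
    """Translate an alert into the ordered steps a SOAR playbook would execute.
    Action names are hypothetical placeholders for the platform's own integrations."""
    actions = [f"block_ip:{alert['ip']}"]
    if alert["followed_by_success"]:
        actions += [
            f"revoke_sessions:{alert['compromised_user']}",
            f"force_password_reset:{alert['compromised_user']}",
        ]
    actions.append("notify_soc")
    return actions


if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
        print(playbook_actions(alert))
```

Two design points matter for MTTR: the alert is emitted once per source rather than once per failure, so the analyst (or playbook) is not flooded, and the success-after-failures case is split out because it changes the response from “block and notify” to “contain the account”.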
When the Kali team announced Kali Purple on the occasion of its 10th anniversary, it was a move from offensive security toward defensive security. It was announced with a couple of interesting features, viz:- SOC out of the box; Security control design and testing; Protection of small & medium-size environments. Refer to the official docs for more: Kali Purple Official. The main interesting feature of Kali Purple is that tools are structured upon the NIST framework, viz. Identify, Protect, Detect, Respond, Recover. Suppose you already have Kali m...| hugs4bugs
Before starting, let’s quickly recall what a password is. Can we consider any set of characters a password? Well, in layman’s terms the answer is “YES”, as long as it stays secret to you. Again, the matter of choice is completely up to the end user, how strong one sets the password. That’s why, instead of simple dictionary words, it’s advisable to use a passphrase or a complex string like Y0urP@sswrd@7856. But we often forget these complex alphanumeric passwords easily. Sometimes we do use secrets manager tools like PassK...| hugs4bugs
Before starting, let’s understand what exactly Docker Scout is. Docker Scout is a container image scanning tool built into Docker Desktop as well as the CLI with a shift-left mindset. It sits on top of the Docker ecosystem and helps developers find container image vulnerabilities at image build time, thus helping the organisation ship a secure supply chain end to end. Now one might be confused: is Docker Scout another CNAPP tool? As per the official documentation, it uses an SBOM (Soft...| hugs4bugs
Awesome-Security-Analyst-Tools: This is a curated list of awesome security tools used by analysts on a daily basis for blue teaming. MALWARE: Malware, aka malicious software, is a file or code, usually delivered over a network, that infects, explores, steals or conducts malicious activity. It is a collective term for viruses, trojans and other destructive computer programs used by APTs (Advanced Persistent Threat actors). Tool | Description | Official Link. VirusTotal | VirusTotal is a free service founded in 200...| hugs4bugs
Before starting, let’s understand a few terms. What is CNAPP? CNAPP, aka Cloud Native Application Protection Platform, is an all-in-one cloud-native software platform that simplifies DevSecOps practices. The term CNAPP was originally coined by Gartner in 2021. CNAPPs make it simpler to embed security into the application lifecycle while providing superior protection for cloud workloads and data. A few core features of a CNAPP are:- No vendor lock-in, with multi-cloud support; TI (Threat Intelligence) in...| hugs4bugs
Before jumping to the onboarding of Microsoft Sentinel, let’s understand what MS Sentinel is. Definition: Microsoft Sentinel is a cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solution, which delivers intelligent security analytics and threat intelligence. Why do we use it? For blue teaming, as defensive security covering attack detection, threat visibility, proactive hunting and threat response. In this blog we’ll be...| hugs4bugs
Let’s understand what exactly MDC, or Microsoft Defender for Cloud, is. Microsoft Defender for Cloud is a CNAPP tool. CNAPP == Cloud Native Application Protection Platform. So, MDC is a cloud-native CNAPP tool with a set of security best practices and measures to protect cloud-based apps, servers, APIs and resources. It comes with 3 loaded features: DevSecOps, CSPM, CWPP. It has 3 plans, viz. the free one, Defender for Servers P1 and P2. First let’s understand the problem statement from different stake...| hugs4bugs
Before starting, let’s understand a few steps of threat investigation and the attacker’s mindset. Whenever an attacker breaches a system, or tries to, logs are generated as events and incidents which can be ingested into SIEM tools like MS Sentinel or QRadar. These behaviours can be summarised as TTPs, viz. Tactics: the high-level description of the behaviour and strategy of a threat actor, i.e. how they behave across the different stages of the cyberattack kill chain. Usually these stages inclu...| hugs4bugs
Before starting, let’s understand the use case for the Logic App and our requirements. We need to create an automated email flow with an attachment to a particular email group or set of people. For this we need to create a Logic App with a storage account which contains our email attachment. Now let’s divide it into 2 parts: Storage account creation; Logic App. Requirements:- Azure subscription; Storage Account access; Logic App Contributor access; Email group, either Outlook or Gmail. Steps:- Sign in to the Azure Por...| hugs4bugs
In this blog, let’s learn how to create and manage users & groups and their properties within Azure AD. Disclaimer:- I’m not gonna cover Azure AD’s AUs (Administrative Units). Prerequisites:- Azure account; Global Administrator privilege; Basic knowledge of Azure services. Q. Before starting, let’s understand what Azure AD offers, or what Azure AD is. A. A directory and identity management solution within the cloud. Provides traditional username & password identity management; Role-based permission manag...| hugs4bugs
What is the difference between Kali Linux and Parrot OS? Which is good for beginners and pros in cyber security, and why do we need both?| hugs4bugs
hugs4bugs is an open source blog written by Shubhendu Shubham on various cloud technologies to help the community.| hugs4bugs
Leverage Docker to build a production-ready MCP| hugs4bugs