Mimi 🎀 By learning how things worked first -- all the tedious boring bits rather than starting with the exciting stuff.

If you like hacking car ECUs, reverse-engineering software/firmware, tapping serial buses, fuzzing, or some combination of these things, DM me or email matt_at_grimm-co.com. Aerospace your thing? Medical devices? ICS and Power Grid? Endpoint-Dev? email me.

Continuing to unpack #Gravwell 'Orion' v5.0.0 is a new kit for Palo Alto Networks Next-Generation Firewall. You'll see traffic logs similar to Netflow but containing more metadata.

Read an in-depth overview and see the pre-built kit dashboards here: hubs.la/Q018ySvh0

So... our new flows feature adds automation capabilities to Gravwell, but it's *very* flexible. One of our devs was asked to write a basic 'hello world' example but the jackass wrote a MIPS emulator to do it instead. Respect. gravwell.io/blog/hello-wor…

This is also why you should be streaming logs to a central repository.

Gravwell engineer John consistently gathered CPU temperature data from his machine and recently applied a BIOS update. Take a look at the clear-cut before-and-after results in this brief blog post (2-min read).

hubs.la/Q015BZkd0

#Ryzen7 #AMD #CPUtemp #ASRock

Stats are cool! John is monitoring his CPU temperature and shows the before&after of a BIOS update. The chart of the average temperature didn't do much, but the variance is hilarious. gravwell.io/blog/did-that-…

New xkcd irritates my old 'log centralization that bills on EPS' scars
xkcd.com/2582/

You should watch the video because it's awesome, but the tl;dr is Gravwell CE is now free for personal *and* commercial use at 1/10th of an Astronomical Unit in Bytes per day (~14gb).
Embark on a Quest for Omniscience!
Collect logs, create dashboards, reduce attacker dwell time.

An exciting update from Gravwell!

Watch and read more at: hubs.la/Q014b41J0

#SecOps #DevOps #ITOps #DevSecOps #Gravwell #CommunityEdition #CE

Season's greetings from Gravwell! We can't wait to show you what we have planned for 2022. Have a joyful + safe holiday season and a Happy New Year to all!

Want to know which applications are listening to you via your microphone? This post has you covered as we dive into Sysmon events 12-14.

What's in a Sysmon Event - Windows Registry EventIDs 12, 13, 14 hubs.ly/H0-wj_J0

All data. No limits.

#limitssuck

Unlimited ingestion of #data at the binary level...with no limits? Let's talk about some things that make Gravwell different. Come by our booth at #blackhat in the Innovation City to chat about it. #blackhat 2021 #bhusa

#blackhat 2021 is kicked off! Come by our booth and snag some sweet swag, such as our high-quality playing cards! #blackhat #bhUSA

Getting geared up for #blackhat2021 with a pile of swag you wont wanna miss out on. See you at booth IC22 in the Innovation City!

Thank you ᴅᴀɴɪᴇʟ ᴍɪᴇssʟᴇʀ ☕️📚💡 for pointing out this great Cloudflare blog on AWS bandwidth egress pricing mark ups. blog.cloudflare.com/aws-egregious-…

IBM/Ponemon breach cost report: On average, victims took 287 days to identify a breach and those that took longer to identify cost more.
>200 days: $4.87m
<200 days: $3.61m
Check out this (oldie but goodie) After Action Report detailing a breach response. hubs.la/H0TlSbt0

This is a huge week for us as we release a major product update in version 4.2 as well as unveil the all new logo and website. Founder Corey Thuen shares a bit about the journey to get here. hubs.la/H0Tcn150