Tash Postolovski

Posts by

Tash Postolovski

Episode #005: Security-focused Code Review for Software Developers with Sid Odgers

Cosive's Software Development Lead, Sid Odgers, is a cybersecurity expert who spends his days building secure software. In this podcast you'll learn how Sid approaches code review to make sure that all code shipped to production is secure as well as high-quality. The checklist and tips shared here are language agnostic and will be of use to any software developer who wants to get better at security.

Podcast

Episode #004: How ChatGPT Could Transform the CTI Analyst Role with Chris Horsley

Cosive CTO Chris Horsley conducted early experiments using ChatGPT to help assign ATT&CK IDs to threat intelligence reports. While the tool won’t replace an experienced analyst as of today, it will likely change the way we do this kind of work.

Podcast

Episode #003: Securing REST API Endpoints (or How to Avoid Another Optus) with James Cooper

Unless you have been living in a cave on Mars with your eyes shut and your fingers in your ears for the past few weeks, you have probably heard something about a data breach at Australian telecommunications giant Optus.As security mistakes go, the vulnerability reported to have enabled the attack leans toward the more embarrassing side of the scale. If reports are true, Optus has effectively exposed customer data on an endpoint available to the entire internet.While it is plausible that a developer will forget to (re)secure an endpoint once they finish their development work, there are multiple practical steps you can take to catch or mitigate the problem.

Podcast

Episode #002: Building Production-worthy Software in SecOps Teams with Chris Horsley, CTO at Cosive

Before jointly founding Cosive with Kayne Naughton and Terry MacDonald, Chris Horsley (Cosive’s CTO) spent many years working in national CSIRTs in both Australia and Japan, as well as doing freelance secure software development for operations teams. In this interview Chris talks about the challenges of building software and writing critical automation scripts in SecOps teams.

Podcast

Episode #001: What Goes Wrong in Threat Intel Programs with Kayne Naughton, MD & Co-founder at Cosive

In this interview Cosive’s Managing Director Kayne Naughton shares what he’s learned about threat intelligence programs throughout his career in vulnerability development, SysAdmin and working on threat intel in the financial sector. Kayne is one of the co-founders of Cosive. Founded in 2015, Cosive specialises in trying to solve the difficult problems in security for Australian and New Zealand organisations.

Anti Phishing

Anti-phishing Strategies to Defend Your Organisation

If you feel like your phishing response team has been seeing more attacks than ever before, you’re not alone. The frequency of phishing and spearphishing attacks appears to be ever-increasing as people conduct more of their work and personal lives online. This post will cover the state of the art in anti-phishing techniques, with a focus on strategies that SOC teams, anti-phishing teams and fraud teams can use to defend customers against phishing attacks, and staff against spearphishing attacks.

Company Culture

Meet David Zielezna, Principal Consultant at Cosive

David joined Cosive in 2021 after five years with the Australian Communications and Media Authority (ACMA) and eight years with the Australian Federal Police (AFP). David’s career has spanned many areas of cyber security, from fighting spam and securing the Australian IP address space all the way through to cyber crime investigations and assisting with the prosecution of cyber crime offences. Outside of cyber security David is an avid chef, producing home made charcuteries, ferments and all things delicious.

Company Culture

Meet Emily Etchell, Security Consultant at Cosive

Like many of us in this space, Emily Etchell didn’t start her career in cybersecurity. Instead, Emily began her career in biomedical engineering, designing and building medical devices. Next, Emily started to learn about and work on securing medical devices. And that’s where Emily’s journey into cybersecurity began. Several years later, Emily is now honing her skills in reverse engineering at Cosive.

Threat Intelligence

Cyber Threat Intelligence (CTI) Crash Course

Cybersecurity is such a broad domain with so many different areas of expertise that it’s tough to be across them all.We all have known unknowns in the field, and none of us can be experts in everything.That’s why we’re kicking off our “Crash Course” series, where we’ll be diving into different areas of cybersecurity and answering the most common questions about the field.

Company Culture

Meet Chris Horsley, CTO at Cosive

Chris co-founded Cosive seven years ago, alongside Kayne Naughton and Terry MacDonald and serves as the company’s CTO. In this interview we sit down with Chris to cover his cybersecurity origin story, his time working in incident response in Japan, and the founding story behind Cosive.

Threat Intelligence

Establishing a Threat Intel Program: Principles for Security Leaders

One of the more frequent conversations we have with security leaders is how to establish a new threat intelligence program in their organisation. In these conversations there are a few basic principles that we cover because they’re applicable to almost everyone. We’re sharing these principles publicly so that more organisations can learn about our threat intel philosophy and avoid the most common mistakes that can lead to failed programs.

Threat Intelligence

How ChatGPT Could Transform the CTI Analyst Role

The interview in this post is taken from Episode 004 of the Cosive Podcast, where Cosive CTO Chris Horsley sat down with Tash Postolovski to talk about the implications for AI tools like ChatGPT on the future of the CTI Analyst role.

Threat Intelligence

7 MISP Best Practices: Lessons from Effective Threat Intel Teams

MISP is a powerful open source threat intelligence and sharing platform used by countless SOC teams around the world. Getting a barebones MISP instance up and running is well within the skill-set of most SOC teams. Download MISP, run it on a VM, and log in to the MISP admin console using default credentials… all within about 10 minutes. That part is easy. Now for the hard part: how do you get from a barebones MISP install to actually using MISP to solve real-world cybersecurity problems? Making that leap can be much more complex and challenging than it may seem on the surface.

Threat Intelligence

What is MISP? The Ultimate Introduction

We have extensive experience working with MISP at Cosive. We also offer a managed MISP service. Based on this expertise, we’ve put together this ultimate guide for anyone who wants to understand more about what MISP is, what it does, and how to use MISP.

Security Operations

Building Production-worthy Software in SecOps Teams: An Impossible Challenge?

Before jointly founding Cosive with Kayne Naughton and Terry MacDonald, Chris Horsley (Cosive’s CTO) spent many years working in national CSIRTs in both Australia and Japan, as well as doing freelance secure software development for operations teams. In this interview Chris Horsley (CTO at Cosive) talks about the challenges of building software and doing development in SecOps teams.

Threat Intelligence

What Goes Wrong in Threat Intel Programs

Company Culture

Meet Shanna Daly, Principal Consultant at Cosive

Shanna Daly (she/her) is the newest member of the Cosive team, bringing with her over two decades of experience in information security, digital forensics, and incident response.

Anti Phishing

Automating Anti Phishing Canary Credentials at Scale

In part 1 of our mini-series on canary credentials, we talked about what canary credentials are, why to use them, and how to use them well. It’s highly recommended to read part 1 first. So, let’s assume you’ve had some early success in manually using canary credentials in limited numbers - great! Now you’re looking to take your next steps. Arguably, the most powerful way to land a blow against phishing attackers and deter future attacks is using canary credentials at scale via automation. Here’s why.

Anti Phishing

How to Disrupt Phishing with Anti Phishing Canary Credentials

The traditional response to a phishing attack is to issue a take-down request and wait for the site to (possibly) be yanked offline. Take-downs, while necessary, just don’t hit phishers where it hurts - they still harvest plenty of stolen credentials while the site is up. In light of this, security teams are looking for new, more effective ways to fight back against phishers. Rather than be reactive, we want to disrupt phishers’ operations. A strategy rapidly gaining in popularity is the use of credential poisoning techniques, utilising what are referred to as ‘canary credentials’.

Engineering

Why Rust is Worth the Struggle

The Rust programming language sent ripples through the programming community when it was first released in 2015, promising the blazing speed of lower-level programming languages without the accompanying sharp edges. Four and a half years on, many programmers still view Rust with a mix of intrigue and trepidation due to its appealing premise and notoriously difficult learning curve. We sat down with one of Cosive’s Senior Developers, Sid Odgers, to talk about why he believes more programmers should take the plunge and learn Rust.

Company News

Cosive Takes 2nd Place at Splunk's 2019 AU & NZ Boss of the SOC Day

For the second year in a row, Cosive have finished in 2nd place AU & NZ-wide at Boss of the SOC Day, a massive cyber security capture the flag (CTF) competition involving hundreds of competitors.