Welcome back to IT Pro Tuesday!
The latest episode of the Security Swarm Podcast, "Generative AI in Defensive Tools," unravels the transformative impact of AI in cybersecurity defense. Discover how AI empowers defenders with enhanced knowledge of setting up robust defense mechanisms, from firewalls to anomaly detection systems. Amidst the prevailing focus on AI’s darker aspects, this episode illuminates its positive role in the security space, equipping blue teams to match wits with increasingly intelligent adversaries.
We're also looking for your favorite tips and tools we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.
As always, we’re updating the full list on our website here. Enjoy.
A Free Tool
Pinkie is a collection of network troubleshooting tools with an intuitive user interface. Offers pinging of multiple hosts, automated forward/reverse DNS lookups, and traceroute functionalities. Results can be conveniently saved to disk or copied to the clipboard, and traceroute supports both overall and per-hop copying, with right-click access to the last hop. Also includes a subnet calculator, ping sweep, port scanner, and TFTP server with support for RFC 1783 and 1784. hiirogen likes to "throw a bunch of IP's into it and continuously ping all of them at once in one window … It's mildly annoying that it seems to want you to register every time you launch it even if you already have, but other than that I dig it and it's free."
Create an Inactive M365 User Report with Microsoft Graph PowerShell explains how you can assess the accuracy of your M365 user list so you can identify dormant accounts that might expose your tenant to unnecessary risks. Covers how to extract a comprehensive list, including the LastSignInDateTime property and the LastNonInteractiveSignInDateTime property. Author notapplemaxwindows explains that it "will create a report of users with these 2 values including any licenses they have assigned. Simply sort the columns in Excel once you have the report to achieve your desired result!"
Another Free Tool
Vector is an open-source, high-speed solution for constructing observability pipelines. This featherweight tool seamlessly gathers, reshapes, and directs logs and metrics to allow effortless collection, transformation, and forwarding to your vendors. Delivers speeds up to tenfold greater than any comparable alternative. putacertonit appreciates that it "runs on windows and can receive syslog."
Dissecting Popular IT Nerds is a podcast intended for visionary leaders who seek to leverage IT as a "business force multiplier." Learn how IT executives are navigating the corporate landscape, propelling career growth, shaping user experiences, and building a nice work/life balance along the way. Odd-Card9468 adds, "Phil (the host) goes off into various tangents and it’s quite fun."
One More Free Tool
Roboshadow stands as a comprehensive cyber platform, seamlessly integrating essential components from cyber audits and penetration testing into a user-friendly, well-supported environment. With its free tier, organizations of all sizes can access a daily cyber governance report to effortlessly foster heightened cyber awareness. Scripted_Shaman raves, "Literally the only free vulnerability management system out there. The free version of roboshadow does more than the premium service tier from Galactic Advisors."
P.S. Bonus Free Tools
OpenedFilesView is a utility that provides an inventory of currently opened files on your system, as well as useful data like handle value, access privileges, file position, and the corresponding responsible process. It can also close individual files or terminate the processes associated with them. OttoVonMonstertruck finds it "very useful to ID what programs have open file handles."
System Informer is a versatile system management tool designed to seamlessly monitor and analyze system resources, troubleshoot software issues, and identify potential malware threats. Offers system activity overviews, intuitive graphs, real-time statistics, active network connection monitoring, detailed disk access information, intricate stack trace analysis, and much more. evily2k describes it "like process explorer on steroids. Allows me to kill process that task manager would say access denied."
Have a fantastic week and as usual, let us know any comments.