Craig Jorgensen

I'm a recent graduate from South Dakota State University with a degree in Computer Science. For me, programming is both a passion and an occupation, but I have been broadening my horizons as Customer Success Manager with Query.AI, where we are using Natural Language Processing to allow users to “talk to your data”.

Recent Posts

What is threat hunting?

Posted by Craig Jorgensen on May 7, 2021 12:01:41 AM

The term threat hunting spawns different ideas and has different meanings for seemingly everyone you talk to. Understanding what threat hunting is will help you better equip your security teams to respond to alerts and mitigate risk. But is it basic triage of known indicators of compromise (IOC) in a proactive manner or some magical Jedi skill that only masters can summon and execute?


Topics: Cyber Security, cybersecurity, threat hunting, threat hunter

Understanding Solarwinds, Microsoft Windows, VMware Attack of 2020

Posted by Craig Jorgensen on Mar 31, 2021 9:18:02 AM

An introduction to the supply chain attack of 2020 that arose in the Orion update protocol of the SolarWinds network management software suite.


Topics: Malware, cybersecurity, solarwinds

How Distributed Denial of Service (DDoS) Attacks Work

Posted by Craig Jorgensen on Dec 16, 2020 8:00:00 AM

Introduction

You might have read several of our other network security blogs covering topics that people in the cybersecurity field need to know. Now is an excellent time to talk about Distributed Denial of Service (DDoS).


Topics: Distributed Denial of Service, DDoS

How to Get Started With Tcpdump

Posted by Craig Jorgensen on Oct 7, 2020 8:00:00 AM

Introduction


We have all heard of network analyzers or packet sniffers: Wireshark with its command-line counterpart Tshark, or tcpdump.

This article explores how Linux's command-line power, combined with the tcpdump lexical parser's filter expressions, can be used for some complex network debugging. If you are bored at home in these COVID times, how about extracting the video of a video conference capture? (On a serious note, only do this for your video with the participants' permission.)


Topics: Cyber Security, cybersecurity, Network Security, tcpdump

DNS Security Implications

Posted by Craig Jorgensen on Sep 23, 2020 8:00:00 AM

DNS - Do Not think it's Simple

In our recent series of articles, we talked about network security-related tools and techniques one needs to be aware of to build a cybersecurity career. Next, we will cover DNS and its related security implications!

DNS, or Domain Name System, translates domain names to IP addresses, so your browser can find what you searched for. DNS resolvers are usually stub resolvers, which means that the full DNS records lie elsewhere.


Topics: Cyber Security, cybersecurity, DNSSEC, DNS

How to Secure Web Apps Running on Linux EC2 Instance

Posted by Craig Jorgensen on Aug 26, 2020 8:00:00 AM

If your organization is running a web application, you are likely to use EC2. Further, there is a high likelihood your instances are all Linux. Linux systems are robust and a suitable first choice for server applications like a MEAN stack express.js web server, an application built using the open source LAMP stack, commercial proprietary software, or a basic server using Apache or Nginx. Linux is also very widely used for both SQL and NoSQL database applications like Redis, Mongo, Postgres, or MySQL.


Topics: AI for Security, Machine Learning, AI, neural networks

Network Security with Zeek (Bro)

Posted by Craig Jorgensen on Aug 12, 2020 8:00:00 AM

Zeek the new Bro

Zeek is the new name for Bro, which has been in existence since 1994. In this article, we will review the useful features of Zeek that make it a powerful tool for network analysis and security monitoring. Need a little more familiarity with Zeek? Check out our previous blog: Bro: Security's Swiss Army Knife.


Topics: Cyber Security, cybersecurity, Bro, Zeek, Security Engineer

Bro: Security's Swiss Army Knife

Posted by Craig Jorgensen on Jul 14, 2020 8:00:00 AM

A Swiss Army knife is a plethora of tools wrapped up into one friendly and compact system. When describing anything as a Swiss Army knife, we mean it has a wide range of uses, whether it be knowledge, applicability, adaptivity, or otherwise.

Bro, the leading platform for network security monitoring, is quite an exciting ecosystem of wire-speed security analyzers and triggers. It takes a unique approach to network security monitoring, meaning it takes a bit of time to get used to it.

Bro was renamed to Zeek in 2018, but many still refer to it as "Bro." For this article, we will refer to it as "Bro." This is a gentle intro to familiarizing yourself with what Bro has to offer, complete with example code.


Topics: Bro, Zeek

Newfound Appreciation: Noam Chomsky

Posted by Craig Jorgensen on Jun 30, 2020 9:14:36 AM

We have all been there, sitting in class thinking to ourselves, "I will never use this in real life." However, life has a way of proving us wrong.

Enter Noam Chomsky


Topics: Recursively enumerable, Context-sensitive, Context-free, programming languages, Language

Introducing IRIS: QueryAI's Security Concierge App for Splunk

Posted by Craig Jorgensen on Dec 4, 2019 12:55:47 PM

 


Topics: Artificial Intelligence, Python, Cyber Security, Splunk