Day: June 19, 2023

In today's rapidly evolving cyber threat landscape, traditional reactive approaches to cybersecurity are no longer sufficient. As attackers become more sophisticated, organizations must adopt proactive defense strategies to stay one step ahead. This article will delve into the changing face of threat hunting in 2023 and explore how cybersecurity professionals can master aggressive defense to combat emerging threats effectively.

The Evolution of Threat Hunting

Threat hunting has evolved from a reactive approach to a proactive one. Traditionally, organizations rely on security tools that detect known threats or anomalies after an attack. However, aggressive defense has become essential with the increasing complexity and frequency of attacks. Threat hunting now involves actively searching for signs of compromise within an organization's network and systems before an attack occurs.

Fluent Bit is a popular open-source log processor and forwarder that allows you to collect data from different sources, filter, and transform it before forwarding it to different destinations. In some cases, the data collected may contain sensitive information like passwords, credit card numbers, social security numbers, and other personally identifiable information (PII). To protect such information, you need to mask or obfuscate it before forwarding it to the destination. In this document, we will discuss how to mask sensitive information using Fluent Bit.

The goal of this guide is to convert structured logs that contain PII information like (mobile numbers, identity information, names, etc.)
{"timestamp":"2023-06-05T17:04:33.505+05:30","requestURI":"/api/user","message":"Sending SMS to mobileNumber=1234512345 registered on aadhaarNumber=1234512345"}
to a format where this information is masked.
{"@timestamp":"2023-06-05T17:04:33.505+05:30","requestURI":"/api/user","message":"Sending SMS to mobileNumber=******** registered on aadhaarNumber=********"}

When I discovered OpenAI on the 23rd of December 2022, I became obsessed. I hadn't had this much fun coding since I started 40 years ago. After playing with "fine-tuning" for a month and miserably failing, I found a YouTube video by Dave Shapiro that explained how to create a Q&A chatbot using OpenAI's "embeddings" API.

Dave has since removed the video, but it explains how to use OpenAI's embeddings API and combine it with their chat/completion API to create a Q&A chatbot that knows "everything" about the problem domain. Tage's reaction best sums up my findings, as he told me one day.