This is the first article in the RTO series The Problem Red team and penetration testing activities are full of repetition: network scans, reconnaissance, OSINT collection, and routine validation tasks are necessary, but they are also time-consuming and error-prone when executed manually. Over time, most teams end up with a zoo of scripts, half-maintained tools,…
Read MoreFix contract list option wrongly disabled in SLM reports We fixed a bug affecting the SLM reporting in NetEye 4.45. The issue occurred during the modification of a report, when one of the contracts in the list could not be selected because the corresponding report would have been empty. In that case, the selection of…
Read MoreBug Fix We updated the version of GLPI in order to fix some relevant vulnerabilities. List of updated packages The following packages have been updated for NetEye 4.45:
Read MoreNetEye’s SLM module is tightly coupled to Icinga 2’s legacy monitoring backend, which was removed upstream with the introduction of IcingaDB. Official documentation exists that describes how to migrate configuration files written using the old syntax, but it’s incomplete and – more importantly – it doesn’t explain how to migrate PHP code that depends on…
Read MoreBug Fix in Tornado Module We solved an issue in Tornado’s rule configuration where the action_name field in director actions was being cleared after saving and deploying. When users created a rule with a director action and filled in both action_name and action_payload, the action_name value would disappear upon returning to the rule configuration. This…
Read MoreIf you’ve been in the Vue ecosystem for a while, you know that the jump from Vue 2 to Vue 3 is more than just a version bump – it’s a significant architectural evolution. It promises better performance, a more powerful Composition API, and a first-class TypeScript experience. Getting there from an old Vue 2…
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4. Security Fix for NetEye 4.45 CVEs The CVEs include an Information Disclosure vulnerability, a Server-Side Request Forgery and 5 Denial…
Read MoreIn modern security programs the silos between offensive and defensive teams is no longer sustainable: attackers iterate faster, tooling evolves daily, and detection gaps are exploited in minutes, not months. In this environment purple teaming is not an optional maturity enhancement, but it becomes a foundational requirement for organizations that take risk management seriously. Purple…
Read MoreElastic Enterprise license renewal Previously, the Elastic Enterprise license was scheduled to expire on February 28, 2026.With this update, the Elastic Enterprise license has been renewed and will now expire on December 31, 2026. In the case the health-check light/01004_elastic_license_check.sh is preventing you from updating your NetEye Installation you can run the following command: neteye update –skip-tags check_health….
Read More
As 2025 comes to a close, we can make some observations regarding the evolution of the double-extortion ransomware attack landscape. The data shown is the result of the enrichment performed within SATAYO starting from the data made available by the Ransomfeed project. The URLs of the Data Leak Sites (DLS) of the various ransomware gangs…
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4. Security Fix for NetEye 4.45 CVEs The CVEs affect different components of the Elastic Stack, as outlined below. Packetbeat CVEs:…
Read MoreThe year has just come to an end, and after a long stretch of work I could really use some rest. But before closing everything out completely, there’s one last thing I wan to share, and it needs a bit of context about the project. We’re currently building a distributed application consisting of several components…
Read MoreTests are often treated as a safety net: something that catches bugs before they reach users. While that’s true, it’s only part of the story. A test suite is also a mirror. If you look closely, it tells you a lot about the structure, health, and long-term maintainability of your codebase. If you know how…
Read MoreThe current architecture and underlying technologies behind the Atlassian Rovo engine, in light of recent developments The last few months show the path forward If you’ve been following the evolution of AI in recent years, you know changes come fast and often, and even a single year can be much too long an interval to…
Read More
When setting up Jira Service Management (JSM), one of the most fundamental questions administrators face is, “Should we consolidate everything into one giant project, or split our teams into separate projects?”, this choice impacts agent productivity, reporting clarity, portal experience, permission management, SLA differentiation, and workflow control. There is no perfect universal configuration, the right…
Read More