In recent days I came across an interesting case: inventorying a fleet of Cisco phones… without SNMP. The devices only exposed a web UI, so no classic polling was possible. The solution was simple: query the phones’ HTTP pages, extract useful information, and send it to GLPI. The Idea The approach is intentionally minimal: No…
Read MoreCreating a GitHub organization is easy. Creating a public one that is actually well-structured, secure, and maintainable over time… not so much. At the beginning, it feels like a simple task: create the org, push some repositories, maybe define a couple of teams, and you’re done. But as soon as things become public, the whole…
Read MoreThis article expands on the topic introduced in my earlier blog post Secure Access to Applications with Azure, which focused on securing access to an on-premises web application using Microsoft Entra Application Proxy. Global Secure Access is Microsoft’s unified framework for securing access to private resources, Microsoft 365 services, and internet destinations through identity-aware controls….
Read MorePractical lessons learned from real-world alert routing, automation, and integrations
Read MoreIn the last few months I’ve been delving ever deeper into the Atlassian Forge ecosystem, the serverless platform that allows you to develop apps integrated into Jira, Confluence and other Atlassian cloud products without having to deal with infrastructure, authentication or hosting. The goal? Creating my first Forge app from scratch and understanding its complete…
Read MoreRecently we had to monitor an EKS cluster and several other resources using NetEye. AWS already provides solid dashboards out of the box, but log analysis isn’t as flexible as in Elasticsearch, and costs can easily grow out of control. Our goals were to: AWS CloudWatch is a monitoring and observability service that collects logs,…
Read MoreA pentest is only as valuable as the report that comes out of it. You can find critical vulnerabilities, chain exploits creatively, and demonstrate full infrastructure compromise, but if your report is unclear, overly technical, or poorly structured, its impact will be limited. A strong pentesting report bridges the gap between technical discovery and business…
Read MoreA Rule Is More Than a Query In modern detection engineering, a rule is often misunderstood as just a query that triggers alerts. In reality, within Elastic Security, a detection rule is a structured, versioned, and lifecycle-managed object that goes far beyond simple query logic. Understanding this structure is essential for anyone operating in a…
Read MoreModel selection, infrastructure sizing, vertical fine-tuning and MCP server integration. All explained without the fluff. Why Run AI on Your Own Infrastructure? Let’s be honest: over the past two years, LLMs have evolved from a tool perceived as experimental and reserved for researchers into something companies use every day for concrete, practical tasks. And with…
Read MoreWe addressed the following issues in the Alyvix module UI: List of updated packages
Read MoreTL;DR The Challenge LinkedIn is my single source of truth for professional experience. Every new role, certification, or skill update goes there first. A person’s CV should reflect those changes automatically – not weeks later when he or she remembers to manually copy information across formats and through different portals. The idea was simple: build…
Read MoreIn this article I’d like to share my experience with Elastic certifications. Recently, I had the opportunity to take the Elastic Certified Engineer and Elastic Certified Observability Engineer exams and I’d like to describe my preparation, experience and finally share some useful tips for anyone else who wants to follow the same path. Overview of…
Read MoreBecause “it works on my machine” is not an observability strategy. How It Started As an observability engineer, my workflow when starting a new project is pretty consistent: find the OpenTelemetry SDK for the language or framework in use, understand its quirks and limitations, and build from there. So when I picked up a Flutter…
Read MoreError during GLPI inventory task execution We have fixed a bug related to the Asset Management module and in particular in the usage of the GLPI inventory plugin to gather the inventory. List of updated packages To solve the issue mentioned above, the following packages have been updated for NetEye 4.46:
Read MoreA scalable approach to detecting malicious domains using Threat Intelligence and Indicator Match Rules One of the most common techniques used in phishing and initial access campaigns is the creation of domains that closely resemble legitimate ones. Attackers exploit typosquatting, homograph attacks, and brand impersonation to deceive users and steal credentials. For a Security Operations…
Read More