Blog Entries

05. 12. 2025 Davide Spano Azure, Microsoft

Azure DNS Private Resolver

Azure DNS Private Resolver is a managed service that enables you to resolve DNS queries for private DNS zones across Azure and on-premises networks, simplifying hybrid network architectures and removing the need for custom DNS servers or DNS forwarders hosted on virtual machines. This service reduces operational complexity and provides scalable, secure name resolution for…

Read More
04. 12. 2025 Antonio Cerullo Microsoft

Microsoft LAPS on Windows Server 2016: From Introduction to Installation

Preface Cybersecurity is one of the biggest challenges for IT systems engineers. In many companies, local administrator accounts on PCs share the same password during installation. Imagine a real-world scenario: malware enters the network, steals the local administrator password, and uses it to spread to dozens of machines. Within hours, every last bit of infrastructure…

Read More
03. 12. 2025 Luca Franzoi Front-end, Icinga Web 2, UX

Introducing a New Monitoring Interface: A Fresh, Flexible Experience

With the release of NetEye 4.45, we’re excited to present a fresh and improved monitoring experience through the integration of the IcingaDB Web interface. This update brings a modern, faster, and more intuitive way to explore and interact with your monitoring data. A Change That Brings New Opportunities We know that changes to familiar tools…

Read More
03. 12. 2025 Alessandro Romboli Microsoft

Single Sign-On for Power BI Report Server

Scenario Power BI Report Server is widely used in company environments, where typically several Windows servers with different roles are deployed in an OnPremise Active Directory domain. In this blog, I’ll describe how to configure user single sign-on access to a Power BI Report Server: the underlying protocol for authentication will be Kerberos and its…

Read More
01. 12. 2025 Andrea Mariani NetEye, Unified Monitoring

Running the Icinga Agent as SYSTEM? No Thanks.

A safer way to run privileged Windows checks with SystemRunner If you’ve been monitoring Windows for a while, you’ve probably seen this pattern: some checks must run as LocalSystem (S-1-5-18), and the “quick fix” is to run the Icinga Agent itself as SYSTEM. It works. It’s also a really bad idea. Why? SystemRunner takes a…

Read More
01. 12. 2025 Franco Federico Unified Monitoring

Monitoring Access Points behind a Fortinet Firewall

A customer recently asked me to monitor their access points. Currently, they had no monitoring system for their 100+ access points other than a firewall view showing the status of individual access points. The firewall in question was a Fortigate 660e. I checked, and we already have an NEP that performs monitoring for Fortinet, which…

Read More
01. 12. 2025 Mattia Codato Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.45 Release Notes

Welcome to version 4.45 of our NetEye v4 Unified Monitoring Platform. As you log in, you’ll be welcomed by the serene winter landscape of St. Magdalena/Santa Maddalena in Villnösser Tal/Val di Funes. The small village rests quietly beneath the dramatic Geisler peaks, blanketed in fresh snow that softens every contour. Morning light brushes the slopes,…

Read More
27. 11. 2025 Alessandro Paoli NetEye

Deploying a Podman Container for NetEye Plugin Execution

This document describes the steps required to build, configure, and operate a Podman container based on php:8.2-cli, with the SNMP extension enabled, intended for executing monitoring plugins within a NetEye/Icinga environment. Create a Containerfile with the following contents: FROM docker.io/php:8.2-cliRUN apt-get update && \ apt-get install -y libsnmp-dev snmp && \ rm -rf /var/lib/apt/lists/* &&…

Read More
27. 11. 2025 Beatrice Dall'Omo Exposure Assessment, SEC4U

See What Outsiders See: The External Attack Surface Management Report

Organizations often struggle to understand how they truly appear from the outside. Security teams work hard to protect internal systems, yet the real exposure visible to potential attackers often remains unclear. That’s why we created the External Attack Surface Management (EASM) report. By delivering this report we want to provide a clear overview of the…

Read More
26. 11. 2025 Mirko Ioris Blue Team, SEC4U

You’ve Got a New Message! Oh No… It’s Malware!

On October 1, 2025, Würth Group employees were targeted by a WhatsApp-based cyberattack. A few users fell for it and some devices got infected. The attack was promptly detected by our Cyber Defense Center, and was stopped before it could spread further. Investigating the threat more deeply, we discovered it was part of a wider…

Read More
25. 11. 2025 William Calliari Development

Understanding the Huffman Table Optimization

A while ago I was studying the webp image format by Google out of curiosity. I had written a .png parser in the past and was interested in seeing how the lossless VP8L encoding in particular was working in that library. While I was using a external Rust library to decode the actual image data…

Read More
24. 11. 2025 Attilio Broglio Log-SIEM, NetEye

How to Fix Transformation Problems After Upgrading to Elasticsearch 9.0

With the upgrade to NetEye 4.44, we’ve added a lot of new features (https://www.neteye-blog.com/2025/10/neteye-4-44-release-notes/) and, from my point of view, one of the most relevant is the introduction of Elastic Stack 9. This Elasticsearch major release (https://www.elastic.co/guide/en/elastic-stack/9.0/elastic-stack-release-notes.html) includes some new functionalities such as: ESQL Lookup Joins , LogsDB Index Mode Optimizations, etc. During various migrations…

Read More
17. 11. 2025 Luca Zeni Blue Team, Events, Red Team

SANS 504 – A New Experience in London

My SANS Course in London – April 2025 Back in April, I had the opportunity to attend a SANS course in London. More precisely, SANS 504: Hacker Tools, Techniques, and Incident Handling. The course ran from April 7th to April 12th, and those six days were intense, exciting, and surprisingly fun in ways I didn’t…

Read More
12. 11. 2025 Alberto Debiasi Events, NetEye

Highlights from the NetEye Conference 2025: When Intelligent Operations Become Reality 

The NetEye Conference 2025 in Verona offered a full day of deep-dive sessions, live use cases, and peer-to-peer learning – all centered around one guiding theme: Intelligent Operations in Action.  Our community explored how observability, cybersecurity, and service management converge to create smarter, more resilient IT ecosystems. Keynotes by Sebastiano Barisoni and Matteo Meucci set…

Read More
05. 11. 2025 Massimo Giaimo SATAYO, Threat Intelligence

Embedding Threat Intelligence into Your Security Operations

Producing actionable intelligence must be the mindset that every Threat Intelligence analyst must set as their primary objective. The problem of properly integrating Threat Intelligence into Security Operations processes is a recurring one. In this article, I aim to describe the integration process we, at Würth IT, have implemented, which allows us to produce actionable…

Read More

Archive