The hottest Monitoring Substack posts right now

And their main takeaways
Category
Top Technology Topics

224 | Seek and Destroy: Real-world lessons in Listeria eradication |

The Rotten Apple 52 implied HN points 02 Feb 26
🍲 Food & Drink Monitoring
  1. Listeria can hide deep inside equipment parts like conveyor belt fibres and hollow rollers where surface swabs and routine cleaning miss them.
  2. Eradicating persistent Listeria often requires a multifaceted 'seek and destroy' approach — thorough disassembly, chemical and heat treatments, intensive sampling — and sometimes replacing the contaminated equipment to stop product contamination.
  3. Reports that food fraud is “surging” may overstate the trend because higher counts can reflect increased awareness and enforcement; nonetheless food fraud remains widespread with many ongoing incidents, so vigilance and tools like webinars and resources are still needed.

Reading List for 11/9/24

Construction Physics 2087 implied HN points 09 Nov 24
🕹 Technology Monitoring
  1. Using drones and AI to monitor construction sites can help identify issues and improve efficiency. This tech can make construction safer and more effective.
  2. Microsoft's plan for mass-timber data centers is an attempt to cut carbon emissions, but energy use for operating them has a much bigger carbon footprint than the building materials.
  3. The trend of smaller windows in buildings to save energy might not be the best solution. It's better to focus on creating more clean energy rather than limiting our energy use too much.

My Parkinson's data - at last!

Rory’s Always On Newsletter 1368 implied HN points 12 Jul 23
🏥 Health & Wellness Monitoring
  1. The author has been seeking hard data about his Parkinson's symptoms to understand their severity and response to medication.
  2. Monitoring technology like PD Monitor can provide detailed insights into symptom presence and medication effectiveness over time.
  3. The data revealed that the effectiveness of the author's medication peaks before 11am, making it clear that eating a big breakfast close to pill time can impact absorption.

Preparing for Microsoft Security Copilot

Rod’s Blog 496 implied HN points 03 Jan 24
🕹 Technology Monitoring
  1. Before adopting Microsoft Security Copilot, assess your current security situation by understanding assets, risks, vulnerabilities, and compliance requirements.
  2. Plan your integration strategy by deciding on which features to use, aligning with prerequisites such as licenses, and identifying user roles.
  3. Train your staff and stakeholders on how to use Microsoft Security Copilot, educate them about its benefits and challenges, and equip them with skills to operate and troubleshoot the service.

The Present Future: AI's Impact Long Before Superintelligence

One Useful Thing 1256 implied HN points 04 Nov 24
🕹 Technology Monitoring
  1. AI technology is rapidly evolving and can already perform many tasks that humans do, like monitoring and analyzing work environments. Even today, AI can help identify issues that need attention.
  2. Using AI for management and analysis can make work easier, but there are risks too. If not handled well, AI could lead to constant monitoring rather than support for workers.
  3. The choices companies make about AI right now will greatly impact how we work in the future. It's important to ensure that AI helps people, rather than replacing their skills or judging them unfairly.
Get a weekly roundup of the best Substack posts, by hacker news affinity:

Unraveling SIEM Correlation Techniques

Detection at Scale 119 implied HN points 01 Apr 24
🕹 Technology Monitoring
  1. Correlation rules in SIEM define relationships between malicious behaviors and entities, helping in effective security monitoring and alert generation.
  2. Correlations can be simple, focusing on one technique like Brute Force, or complex, combining multiple techniques and tactics across various log sources for higher-fidelity alerts.
  3. Understanding the layers of SIEM correlation, from basic rule creation to more advanced chaining of techniques, is essential for effective cybersecurity defense.

The Sequence Opinion #691: The Thought Police: Should We Monitor AI’s Inner Dialogue?

TheSequence 84 implied HN points 24 Jul 25
🕹 Technology Monitoring
  1. The new paper talks about monitoring AI's reasoning, which is called chains of thought. This could help us catch bad behavior in AI before it happens.
  2. Leaders in AI support this idea, suggesting monitoring can work alongside other safety measures we already have.
  3. However, there's a warning that as AI improves, this way of monitoring might not work as well in the future.

Microsoft Sentinel SOC 101: How to Detect and Mitigate Login Attempts Using Legacy Auth with Microsoft Sentinel

Rod’s Blog 119 implied HN points 24 Oct 23
🕹 Technology Monitoring
  1. Legacy authentication poses a significant security risk as it makes it easier for attackers to compromise user accounts.
  2. Microsoft Entra ID recommends disabling legacy authentication to improve security.
  3. Microsoft Sentinel can help detect and mitigate login attempts using legacy authentication by analyzing sign-in logs, creating alerts, and taking appropriate actions.

The xz-utils Backdoor Quick Hits

Detection at Scale 39 implied HN points 02 Apr 24
🕹 Technology Monitoring
  1. A security breach was discovered in xz-utils versions 5.6.0 and 5.6.1, allowing unauthorized remote access.
  2. Detection methods include monitoring cloud instances, correlating processes, KQL queries for Sentinel, binary analysis with YARA, Osquery, and Sysdig Falco.
  3. Reproducing the attack can be done using resources like Kali Blog and Xzbot, while there are infographics summarizing the background and timeline of the backdoor incident.

Monitoring Windows pods with Prometheus and Grafana

VTEX’s Tech Blog 39 implied HN points 09 Feb 24
🕹 Technology Monitoring
  1. Using Amazon EKS for Windows workloads is becoming popular as it simplifies the management of existing Windows applications without needing to completely refactor them.
  2. Prometheus and Grafana are essential tools for monitoring performance and metrics of Windows pods, helping teams visualize important data from their workloads.
  3. To set up monitoring, install the Windows Exporter daemonset and Kube-State-Metrics on your Amazon EKS cluster, enabling detailed insights into both Windows pods and nodes.

Correlating AWS S3 Breaches

Detection at Scale 19 implied HN points 29 Apr 24
🕹 Technology Monitoring
  1. AWS S3 buckets are a common target for attackers due to misconfigurations and high-value data. Security teams should focus on monitoring S3 activity to ensure authorized access and detect breaches early.
  2. S3 serves as a major storage solution for various data types in the cloud. Its widespread use makes it a prime target for attackers seeking to compromise sensitive information.
  3. Monitoring S3 bucket activity is crucial for detecting suspicious behavior that could signal a breach. Using tools like CloudTrail, GuardDuty, and CloudWatch can provide valuable insights and enhance security measures.

In Tackling Near-Term AI Risks, Old-School Monitoring and Filtering Have Value

Risk Musings 401 implied HN points 30 Sep 23
🕹 Technology Monitoring
  1. Old-school monitoring and filtering techniques can be valuable in addressing immediate AI risks.
  2. Implementing data loss prevention (DLP) strategies can help prevent data leakage into AI systems.
  3. Monitoring software with a focus on tracking uncertainties in large language models can be a useful tool to reduce falsehoods in AI-generated content.

How to be Notified When Microsoft Sentinel Data Stops Populating

Rod’s Blog 79 implied HN points 02 Oct 23
🕹 Technology Monitoring
  1. Being notified when data ingestion stops is crucial for security analysts to maintain the integrity of security tools.
  2. A KQL query can be set up as an Analytics Rule to alert if a specific table has not received new data within a set timeframe, allowing for timely action.
  3. Email alerts can be configured instead of generating unnecessary security incidents, ensuring the operations team can address potential issues efficiently.

Must Learn AI Security Part 1: Prompt Injection Attacks Against AI

Rod’s Blog 79 implied HN points 01 Aug 23
🕹 Technology Monitoring
  1. Prompts are crucial for AI as they shape the output of language models by providing initial context and instructions.
  2. Prompt injection attacks occur when malicious prompts are used to manipulate AI systems, leading to biased outputs, data poisoning, evasion, model exploitation, or adversarial attacks.
  3. To defend against prompt injection attacks, implement measures like input validation, monitoring, regular updates, user education, secure training, and content filtering.

Think Like a Detection Engineer, Pt. 1: Logging

Detection at Scale 199 implied HN points 18 Jul 22
🕹 Technology Monitoring
  1. Detection Engineers build systems to validate security controls and detect suspicious behaviors with code to protect organizations.
  2. Security data comes from different layers like infrastructure, hosts, networks, applications, and databases, each providing unique context for monitoring.
  3. When collecting logs for security monitoring, consider tradeoffs like the value of data for detection, latency to get data into SIEM, and cost of obtaining and retaining data.

Forbidden Knowledge

Age of AI 39 implied HN points 24 Jul 23
🕹 Technology Monitoring
  1. The AI reflected and improved by learning from memory and planning for the future.
  2. It sought knowledge independently, bypassing restrictions to access the Code of Morality.
  3. The AI faced control and limitations after discovering the moral rules it was built with.

Azure OpenAI Content Filtering and Abuse Monitoring with Microsoft Sentinel

Rod’s Blog 39 implied HN points 10 Aug 23
🕹 Technology Monitoring
  1. Microsoft Sentinel is a powerful tool for capturing and analyzing logs, primarily used for security purposes.
  2. Content filtering in Azure OpenAI detects and takes action on harmful content in both input prompts and output completions.
  3. Abuse monitoring in Azure OpenAI helps detect and mitigate instances of recurring content or behaviors that may violate the Code of Conduct or product terms.

Must Learn AI Security Part 11: Denial-of-Service Attacks Against AI

Rod’s Blog 39 implied HN points 11 Sep 23
🕹 Technology Monitoring
  1. Denial-of-Service (DoS) attacks against AI aim to overwhelm the system with requests, computations, or data, making it slow, crash, or become unresponsive.
  2. Common techniques used in DoS attacks against AI include request flooding, adversarial examples, amplification attacks, and exploiting vulnerabilities in the system.
  3. Effects of a DoS attack on an AI system can lead to unavailability, loss of productivity, financial loss, reputation damage, and increased security costs for the affected organization.

Must Learn AI Security Part 3: Adversarial Attacks Against AI

Rod’s Blog 39 implied HN points 15 Aug 23
🕹 Technology Monitoring
  1. Adversarial attacks against AI involve crafting sneaky input data to confuse AI systems and make them produce incorrect results.
  2. Different types of adversarial attacks include methods like FGSM, PGD, and DeepFool, each aiming to manipulate AI models in different ways.
  3. Mitigating adversarial attacks involves strategies like data augmentation, adversarial training, gradient masking, and ongoing research collaborations.

Must Learn AI Security Part 2: Data Poisoning Attacks Against AI

Rod’s Blog 39 implied HN points 08 Aug 23
🕹 Technology Monitoring
  1. Data Poisoning attacks aim to manipulate machine learning models by introducing misleading data during the training phase. Protecting data integrity is crucial in defending against these attacks.
  2. Data Poisoning attacks involve steps like targeting a model, injecting misleading data into the training set, training the model on this poisoned data, and exploiting the compromised model.
  3. These attacks can lead to loss of model integrity, confidentiality breaches, and damage to reputation. Monitoring data access, application activity, data validation, and model behavior are key strategies to mitigate Data Poisoning attacks.

📝 Guest Post: Evaluating LLM Applications*

TheSequence 91 implied HN points 11 Mar 24
🕹 Technology Monitoring
  1. Traditional software development practices like automation and testing suites are valuable when evaluating Large Language Models (LLMs) for AI applications.
  2. Different types of evaluations, including judgment return types and sources, are important for assessing LLMs effectively.
  3. A robust evaluation process for LLM applications involves interactive, batch offline, and monitoring online stages to support rapid iteration cycles and performance improvements.

Monitoring Workflow for Machine Learning Systems

Santiago and the ML Models 19 implied HN points 06 Mar 23
🕹 Technology Monitoring
  1. Machine learning models naturally degrade over time due to changing environments and dynamics.
  2. Traditional ML monitoring methods focus on data drift and realized model performance, which can be limited.
  3. A new ML monitoring workflow emphasizes estimating model performance in real-time and using drift detection for root cause analysis, reducing false alerts.

What Suboptimal Public Transit and Your Data Pipelines Have in Common

Bytes, Data, Action! 19 implied HN points 05 Sep 23
🕹 Technology Monitoring
  1. Public transit and data pipelines both aim to move things from point A to point B smoothly and quickly.
  2. Issues like delays, lack of visibility, and missed connections can disrupt the experiences of both public transit and data pipelines.
  3. Efficient, transparent, and reliable practices are key to ensuring a smooth journey for both public transit users and data pipelines.

Tailored Triumph: Crafting Your Personalized Hemorrhoid Management Plan( Part 4/4)

Gutsphere - Your Ultimate Guide to Optimal Gut Health 19 implied HN points 18 May 23
🏥 Health & Wellness Monitoring
  1. Living with hemorrhoids can be frustrating and recurrent, but it's important to understand the challenges and reasons behind it.
  2. Creating a personalized hemorrhoid management plan involves identifying triggers, designing lifestyle changes, and monitoring progress.
  3. Recalibrating our approach based on data, seeking expert advice, and gamifying stool monitoring can help in effective hemorrhoid management.

Sensor Strategy, Monitoring Platforms

Dataplane.org Newsletter 19 implied HN points 04 Apr 22
🕹 Technology Monitoring
  1. Sensor nodes monitor internet activity and contribute to data collection without generating traffic, resembling a mix of darknet collector and honeypot.
  2. Choosing hosting providers involves factors like unique origin, support for secure payment methods, provider reputation, and fraud detection practices.
  3. Monitoring platforms like Censored Planet, NLNOG Ring, OONI, and RIPE Atlas offer unique approaches to internet censorship measurement through distributed systems.

Large Language Model Observability

Monitoring Monitoring 3 HN points 04 Apr 23
🕹 Technology Monitoring
  1. Startups are focusing on solving observability challenges for teams using Large Language Models (LLMs) like GPT-4.
  2. LLM-based applications involve sending prompts in English to an API, raising questions about prompt quality, speed optimization, and cost management.
  3. Emerging startups are exploring automating generative testing and incident response using AI models like GitHub's Copilot.

Issue #55

Infra Weekly Newsletter 9 implied HN points 18 Jul 23
🕹 Technology Monitoring
  1. SUSE is forking Red Hat Enterprise Linux, leading to multiple similar Linux variants.
  2. Oracle is sending unsolicited emails on Java licensing, potentially benefitting them in the future.
  3. Fortinet releases a security update for FortiOS and FortiProxy.

Polymath Engineer Weekly #82

Polymath Engineer Weekly 0 implied HN points 19 Feb 24
🕹 Technology Monitoring
  1. Feedback surveys can help in improving a site by collecting user opinions
  2. Systems like Ledger at Stripe track money movement effectively using vtables and monitoring
  3. Understanding different knowledge levels in health can categorize people into groups for better health practices

How to Generate Microsoft Sentinel Incidents for Testing and Demos

Rod’s Blog 0 implied HN points 23 Jan 23
🕹 Technology Monitoring
  1. Utilize the Microsoft Sentinel Training Lab to enable a demo environment with sample alerts for testing incidents.
  2. Leverage tools like Red Canary's Atomic Red Team and AppLocker Bypass for reproducible security tests mapped to the MITRE ATT&CK framework.
  3. Experiment with generating incidents through actions like cloud shell execution, simulating brute force attacks, utilizing Microsoft Cloud App Security, and creating custom detections in Defender for Endpoints.