Cyber Defence Analysis for Blue & Purple Teams

Bluepurple Pulse: week ending May 8th

China is oh so very active..

Ollie
May 06, 2022

Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading).

Operationally this week we had a number of big vulnerabilities land and the scale of the intrusions into Heroku became clear (see relevant sections later). Other than that, it has only taken us about a month to transfer details of a critical vulnerability to a vendor due to a slightly apathetic response on their side. The fact this is a thing and there isn’t a machine-to-machine brokerage service for vulnerability disclosure run by a CERT or similar makes me wonder if there is an opportunity to offer it “as a Service”.

In the high-level this week:

  • The Indian government issued the boldest set of stipulations ever with regard to incident reporting for a “Safe & Trusted Internet”, including:

    • Any service provider, intermediary, data centre, body corporate and Government organisation shall report incidents within 6 hours

    • The mandatory reporting includes scanning, phishing etc.

    • The incidents can be rep…

© 2025 Ollie Whitehouse from BinaryFirefly