All CosmicBytez Labs articles tagged #firewall, across news, security advisories, how-to guides, and projects.
CISA and the UK's NCSC have revealed that a US federal civilian agency's Cisco Firepower device running ASA software was compromised in September 2025...
US and UK cybersecurity agencies are warning about Firestarter, a custom implant that persists on Cisco Firepower and Secure Firewall devices running ASA...
A high-severity LDAP injection vulnerability in OPNsense's authentication connector allows unauthenticated attackers to bypass login controls by injecting...
Deploy CrowdSec on a Linux server to get community-powered intrusion prevention — block brute-force attacks, credential stuffing, and vulnerability...
Systematic audit checklist for network infrastructure security — firewall rules, segmentation, VPN configuration, DNS security, wireless security, and...
Complete FortiGate hardening guide covering admin access lockdown, firmware management, interface hardening, DNS/NTP security, certificate management,...
This document provides a comprehensive comparison between SentinelOne Singularity Control and Singularity Complete SKUs to help MSP teams understand the...
Deep Visibility is SentinelOne's EDR telemetry engine that provides comprehensive endpoint data collection for threat hunting, incident investigation, and...
Manual SentinelOne agent installation is used when automated deployment methods (GPO, RMM, SCCM) are unavailable or when installing on standalone...
Deploying SentinelOne agents across Windows endpoints at scale using Active Directory Group Policy Objects (GPO) enables centralized, automated agent...
Deploy, manage, and validate SentinelOne security policies across your endpoint estate using the SentinelOne Management API. This automated workflow supports:
Traditional endpoint protection focuses on file-based malware, but network-based attacks (lateral movement, command-and-control callbacks, port scanning,...
This document provides comprehensive procedures for forensic evidence collection, ransomware rollback, and threat remediation using SentinelOne Complete...
Organizations deploying SentinelOne endpoint protection require continuous monitoring of agent health to ensure comprehensive threat coverage across their...
This runbook provides a standardized process for onboarding new MSP clients to SentinelOne Singularity Complete. Following this methodology ensures...
This guide provides comprehensive best practices for configuring SentinelOne policies in MSP environments managing multiple client sites with Singularity...
Security Operations Centers (SOCs) face overwhelming alert volumes, complex threat investigations, and resource constraints. Analysts spend hours writing...
Modern enterprise networks contain a complex mix of managed endpoints (workstations, servers), IoT devices (IP cameras, printers, smart building systems),...
Full Remote Shell is a SentinelOne Complete feature that provides authorized administrators with secure, native command-line access to managed endpoints...
This runbook provides comprehensive guidance for integrating SentinelOne Singularity Complete with NinjaRMM and other RMM platforms. Proper RMM...
When SentinelOne detects a threat on an endpoint, security analysts must quickly investigate the alert to determine if it's a genuine malware infection,...
A critical unauthenticated remote code execution vulnerability in Palo Alto Networks PAN-OS GlobalProtect gateway allows complete firewall takeover. CVSS 9.8.
Automate FortiGate firewall policy creation, backup, and auditing using PowerShell and the FortiOS REST API. Includes bulk rule deployment, change...
Security researchers warn of mass exploitation campaigns targeting Fortinet FortiGate firewalls. Over 50,000 devices believed to be compromised globally.