Chetan ConikeeinShiftLeft BlogThe Optus Breach: How Bad Code Keeps Happening to Good CompaniesFirst, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information…3 min read·Sep 26, 2022----
Chetan ConikeeinShiftLeft BlogLog4Shell : JNDI Injection via Attackable Log4JApache log4j2 is one of the most widely utilized logging library in the Java ecosystem. Many applications depend on log4j that include and…6 min read·Dec 12, 2021----
Chetan ConikeeinShiftLeft BlogEvolving Threat series — Infiltrating NPM’s Supply Chain (UA-Parser-js)And if you think your are safe (as you recently procured a well marketed commercial open source dependency scanner) is when you are most…4 min read·Oct 24, 2021--1--1
Chetan ConikeeinShiftLeft BlogConnecting RaaS, REvil, Kaseya and your security postureRansomware is an epidemic that adversely affects the lives of both individuals and large companies, where criminals demand payments to…8 min read·Jul 11, 2021--1--1
Chetan ConikeeinShiftLeft Blog#Solorigate : SUPERNOVA forensics using Code Property GraphThe fallout of SolarWinds compromise has resulted in a bevy of new malware families, each with different characteristics and behaviors.8 min read·Jan 3, 2021----
Chetan ConikeeinShiftLeft Blog#Solorigate : A Month of Reckoning for SaaS software creators and consumersThe U.S. was caught off guard by foreign interference in the 2016 election. Given the powerful role of social media in political contests…7 min read·Dec 28, 2020----
Chetan ConikeeinShiftLeft Blog#Solorigate : SolarWinds SUNBRUST backdoor investigation using ShiftLeft’s Code Property GraphIf you’ve arrived to this post, I’d suggest reading the Part-1 and Part-2 to gain context.8 min read·Dec 28, 2020----
Chetan ConikeeinShiftLeft Blog#Solorigate : SUNBURST SolarWinds BackDoor : Crime Scene Forensics and detection techniquesFirst, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information9 min read·Dec 25, 2020----
Chetan ConikeeinThe StartupSUNBURST SolarWinds Breach: Crime Scene Forensics (continued)First, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information9 min read·Dec 17, 2020----
Chetan ConikeeinShiftLeft Blog#Solorigate : Visual Notes : SolarWinds Supply Chain compromise using SUNBURST backdoorFirst, let me be clear that I have no insider knowledge. This is my best guess at what occurred, based on publicly available information…3 min read·Dec 15, 2020--1--1