Welcome to Sticky Rice Bytes. I write about security knowledge that sticks. No fluff, just actionable insights.
Recent Posts
Automating Chrome History Collection using CrowdStrike and Tracecat - Part 3: Professional Polish
Complete the automated forensic workflow with proper cleanup, session termination, and final documentation. Part 3 covers removing temporary files without destroying evidence, graceful RTR session closure, and comprehensive audit trail completion.
Automating Chrome History Collection using CrowdStrike and Tracecat - Part 2: The Collection Engine
Build the core evidence collection engine for automated Chrome history forensics. Part 2 covers integrity hashing, file copying with validation checkpoints, evidence packaging, and upload to RTR cloud storage.
Automating Chrome History Collection using CrowdStrike and Tracecat - Part 1: Foundation & Discovery
Learn how to automate Chrome browser history collection from macOS devices using CrowdStrike RTR and Tracecat SOAR. Part 1 covers workflow foundations, device validation, and user discovery.
Agentic Chat-Ops for Security Triaging: Building Google SecOps Slack Workflows - Part 1
Reading time: ~25 min
When I’m reviewing the alerts queue, what helps me manage the volume is automation. I’m a big proponent of automating parts of the response process where appropriate. When I’m investigating an alert and need to engage with the user to acquire more context, I’ll reach out via Slack and ask questions to help me understand whether the behaviour was expected or not.