Cyber Security 11
This blog article explores six significant improvements in the software security of OTRS 8 over previous versions. We'll look at how they affect developers, administrators and users. The principle Security by Design affects different aspects of the OTRS software. It:…
Read more
During my vacation, I thought about new integration use cases I can show you. Because I'm also evaluating Phantom at the moment and was invited to join their Slack community, I thought this would be a nice use case. So…
Read more
One of the key features of "STORM powered by OTRS" is automizing daily manual tasks. Some months ago I was with a CERT team and they want to create & update tickets in STORM and afterwards send emails to the recipients.…
Read more
As you may have noticed, OTRS Group has launched "STORM powered by OTRS" in the last year, which is used in IT security departments and companies for a long time due to the well-documented code of OTRS and a huge…
Read more
"STORM powered by OTRS" is used in security departments and companies for a long time due to the well-documented code of OTRS and a huge background in the CERT area. In one of my recent projects, the team wanted to…
Read more
One of the features of "STORM powered by OTRS" is the information floater which allows to search for patterns in an article of a ticket. The feature was designed to enrich the content of a ticket without having to add static…
Read more
In one of my last blog articles I told you how to request IP information from NeutrinoAPI. At the moment this information is only stored in the dynamic field "IPAddressInformation" and is overwritten every time when you change the dynamic…
Read more
"STORM powered by OTRS" is used in IT security departments and companies for a long time due to the well-documented code of OTRS and a huge background in the CERT area. In one of my recent projects, the team wanted…
Read more
A user recently complained about the OTRS package manager ability to execute code from packages (CVE-2018-7567). There are good reasons for this (packages install code anyway, required for complex setup routines), but of course, it means that admins better double…
Read more
From time to time I missed the possibility to inform agents via Threema about ticket events. Last week I had a customer from the cybersecurity sector, who needs the possibility to inform agents via Threema. Because I really like this…
Read more