Exploring the Human Fingerprints on Malware By. In case you missed our LevelUp sock competition You have [ Win a pair of Level Up socks! This exclusi [ Best training ever!
Explore the variety of roles in cyber security through our blog '20 Coolest Cyber Security jobs'. Toggle navigation. What makes SANS courses the best investment for information security training? They are full of important and immediately useful techniques that you can put to work as soon as you return to your office.
They were developed through a consensus process involving hundreds of administrators, security managers, and information security professionals and address both security fundamentals and the in-depth technical aspects of the most crucial areas of information security. SANS features the best instructors and course authors in the industry.
However you view the cyber kill chain, it is a strong pillar within Infosec, especially when it comes to defending your network. Amanda Berlin joins me today to talk about the cyber kill chain, what it is and how to disrupt attacks using it! On the defensive side, enhanced logging and locked down configurations are put in place to detect and prevent the use of these tools by malicious actors to either catch or prevent these actors from doing harm. Episode 35 — Container Security with Jay Beale.
Lately, containers have been the go-to for modern organizations in order to scale and implement things like microservices. Jay Beale of InGuardians fame joins me to talk all about container security! Episode 34 — Exploring Powershell with Mick Douglas. Living off the land is pretty standard fare for pen testers. Episode 33 — 3 Pillars for Starting a Security Program. In this episode John goes at it alone and discusses his own experiences with starting up a security program at different organizations by focusing in on what he views are the 3 key pillars for a new security program.
Episode 32 — Fireside Chat with Deviant Ollam. Continuing on with my fireside chat series, where I bring on a guest to just have a casual chat and see where the conversation takes us, my guest this time is Deviant Ollam. Well known for his work with TOOOL and the locksport community, we take a different path and talk about physical penetration testing as well as hear some great stories from the road.co.organiccrap.com/102734.php
The Unique Adventure of Starting a New Business
Adrian has been in the industry for quite some time in quite a variety of roles, so he has some great experience and insights to share. Jerry and Andrew join me for another infosec tabletop with all new scenarios, pitfalls, and approaches. The Infosec community is no exception to this.
In fact I would argue that it is one of the strongest communities I have encountered yet! Some links of interest: MeetUp. All of these symptoms and conditions are well known to anyone who has spent a few years in security. Danny Akacki joins me on this episode to talk about his own mental health, what are some of the things that has helped him, and he also gives us some insight on his contributions back to the community through the creation of infosanity.
Have a listen to find out! The crowd. Recently gaining attention again due to some news events that were much ado about nothing, there is still a bit of a mystery with crowdsourcing and how best to secure it. Organizations like Bug Crowd and HackerOne have shown it can be used for specific security tasks, but what about in general?
- iPad (3ème génération) Pas à pas Pour les Nuls (French Edition)!
- Primary Mobile Navigation.
- Medienkompetenz. Handbuch zur Wissensverarbeitung für Pflegende und Hebammen (German Edition)!
- The Devolutions Time Capsule - The Devolutions Blog?
- Friday Squid Blogging: Robot Squid Propulsion.
Nicolas Valcarcel joins me on this episode to share his thoughts and experience with security the crowd and what organizations should be aware of when considering using the crowd for their own purposes. Episode 24 — Fireside Chat with Joe Gray. In the first of a new format, I sit down with Joe Gray with only a handful of questions and just chat. We cover things from Through The Hacking Glass, upcoming talks that Joe will be doing, to the various conferences that Joe will be attending.
Also, make sure you listen for a special easter egg that Joe has for those who are in the Atlanta area in September for entry to a conference at no cost! Episode 23 — Speaking to Developers with James Jardine. Continuing with the theme of soft skills that any infosec professional should have, this episode will focus on developers. I sit down with James Jardine from the DevelopSec podcast to talk about how best to communicate with developers. Just like executives, developers have a different language and approach that is needed in order to communicate effectively.
Trying to avoid the all-to-common animosity between developers and security, James and I discuss some strategies to help build bridges between the groups and not burn them to the ground. Some links of interest: www. Nothing helps out security more than information. In Infosec, knowledge is key and sometimes we need to roll up our sleeves to get the information we need from various open source outlets. I love purple teams.
Purple teaming is something that I was hoping to share with more people and more organizations! Blue Team? Not all penetration testing is done in a virtual setting or even through a phone call. Sometimes you need to get down and dirty and actually interact with people. In this very special episode I sit down and speak with the great Jek Hyde about physical penetration testing and everything that it entitles.
Episode 19 — Speaking to Executives with Tracy Maleeff. Have you heard the term, managing up? We are an industry of social introverts and generally prefer the warm embrace of an IRC screen, Twitter feed or Slack channel for our communications. Tracy Maleeff, the InfoSecSherpa, joins me to help guide us all on proper techniques to communicate with senior leadership. Episode 18 — Threat Hunting with Will Harmon. Take a pinch of blue, a dash of red, plus some good old fashioned investigative intuition and you get Threat Hunting!
This is a packed episode full of security goodness and definitely not one you want to miss! We go through a few different scenarios with you all in the hopes you find it enjoyable, entertaining, and educational.
If you enjoyed this episode, please let me know! Special shout out to badthingsdaily on Twitter for helping provide the scenarios! This is the audio that you will hear from the various other podcasts that were on the episode with me. I was a bit star-struck, but it was a great time all around.
Normally the list gets updated every 3 years or so, with the previous release being Now with the list being finalized, I felt it was appropriate for us to go through it and look at it from a red and blue team perspective.
Ubuy Kuwait Online Shopping For cyber in Affordable Prices.
We either love them or hate them, but we cannot deny that they are needed. Either to prove a set of skills, prove the ability to memorize facts and take tests, or to prove that our egos are bigger than our peers, there are lots of opinions on certifications. We discuss what certifications are good for, our opinions on them, HR managers, and where you can find resources to help you study.
Episode — Security Scenario Generator with Dr. Cliffe Schreuders. As security professionals, we often try to keep our skills sharp. We normally do this by going to training, reading books, or participating in CTFs. This week I speak with Dr. Penetration testing. Now there seems to be a trend with penetration testing moving to a crowdsourcing model. Scott Piper joins me this week to discuss how we can detect intruders in your AWS cloud infrastructure.
We cover a lot of different tools and techniques that you can use to help detect intruders, and some mitigation strategies to help reduce the risk when an attack is successful. The cloud. The final frontier. Unfortunately has been the year of leaks, hacks, and misconfigurations when it comes to the cloud.
Discuss this article
Amazon Web Services AWS is the cloud provider with the most market share, but its security configuration can leave a bit to be desired. Cole has written about IAM policies on his blog link below , which I encourage everyone to read. Episode — Securing Linux in Hostile Networks.