IR at LinkedIn | focused on the intersection of data science, engineering, and cybersecurity | Scooping up APT and bopping them on the head | opinions my own
Build a career where you always bring something valuable to the table - that can be depth, breadth, or even just unbridled tenacity and grit. If you do this, you'll find there's a seat for you more places than not.
People often ask me what they should learn or study in cybersecurity and my advice is always the same: aim for technical excellence with things you love to do and aim for broad technical competency in as many related things as you can - a diverse base of knowledge is career gold
When you have a file lock on the investigation timeline so some goober associate doesn't try to merge in their horrendously formatted system timeline into the main one while you're compiling new IOCs to track
(it me, I was the goober)
LOTO (Lock-Out-Tag-Out) cards exemplify peak analog goodness: combining a physical tag, industrial graphics, and a locking mechanism—a critical safety tool to prevent unintentional and unauthorized actions during maintenance. 🧵
As Brian notes, blameless does not mean without accountability. You have to be able to say "X failed because Y team made Z choice". Blameless means you don't call out individual persons and try to ruin their lives over what is typically an honest mistake.
"Blameless" is a very interesting word when it comes to investigations/post-mortems.😏
There are (at least) two very different senses of it:
1. No formal punishment is imposed or fault declared, but who did what where and why are still analyzed.
2. The problem fell from the sky.
@dinodaizovi Granted but I think the lament of most in-the-trenches practitioners is that A. Hardening is unevenly distributed and undue effort is often placed on securing niche attack vectors (the above) and B. Traceability is then neglected or upcharged by vendors for common vectors.
People often misunderstand opportunistic targeting (baiting) employed by threat actors. You know those signs you see stapled to a pole saying you can make XXk a month only if you call this number? Yeah, they don't need to fool you - just the person desperate enough to call them.
The conflict between these metrics, the push and pull as the organization grows and churns, is what helps confirm for you that the ecosystem is stable - not stagnant, never stagnant. But consistently operates within the boundaries of what is "acceptable/good" for each.
The best metrics strategy for security operations is to find a core set of signals (3-5) that are not all aligned with each other. How fast you close a case vs. how many cases have to be reopened. How many new detections you wrote vs. your overall SNR.
First World TTRPG Problems: A cool new dark, gritty setting comes out but all your "edgy" friends are now buttoned up IT professionals and only play 5E
@HackingLZ Same thing happening with blue side certificates. Teaching investigation techniques that are largely irrelevant to modern security operations work - which has largely moved towards working entirely in EDR/SIEM land. The cert factory needs fresh bodies for our "unfilled" 1M jobs