I spent the last little while studying for this certification. I wrote the exam last week and am thankful to have passed with 97%!! It was a tough exam! #sec510 https://t.co/MRrY3APXi5
We hacked a billionaire!
@racheltobac has the thread on the human hacking that went into this attack and here you’ll find the Hacking A Billionaire -- Technical Overview thread:
https://t.co/knGEOzvoMM
Check out the latest SANS SEC510 Challenge Coin Winners. First Place was Anthony Martinez @0xAnthony (TonyTheTiger), 2nd is Megan Andersen (AryaStark) and 3rd place is Bill Solaczek. Your hard work payed off! https://t.co/J6MxCGahyP
Keeping up with security research is near impossible.
Vendor pitches & bombastic claims add to the noise.
ThinkstScapes fixes this.
Grab quarterly reviews¹ by sec researchers with decades in the field. (PDF or audio)
https://t.co/4noer7uyR6
__
¹ Free. Not even reg. needed
Well, here goes nothin’! I was asked to open source the career ladders I used for my organization, I hope it’s a helpful resource for people:
📝 Article: https://t.co/wTGlxse1Rn
📍 Site: https://t.co/slqF0ij1dZ
A little thread with some thoughts about this 🧵
Facebook is probably more comfortable selling ads than buying them, but they'll do what they have to do in order to be the top result when some people search for 'Signal' in the App Store.
P.S. There will never be ads in Signal, because your data belongs in your hands not ours.
It has always been my goal to appropriately communicate to the media what is happening out there and what amazing work the security industry is doing.
I have to be honest, the latest Zoom storm has me concerned. 1/10
Hey InfoSec newbies and students: you don't have to know everything! Here's a matrix of 34 anonymized respondents with 5+ years' experience, across 19 skills (I'm P01). Black cells show knowledge gaps. NOBODY KNOWS EVERYTHING, and InfoSec is very broad - pass it on! :) 1/n
Your job as a security engineer isn't to build unhackable systems or fix every security vulnerability. It's to allow the business to succeed despite hackable systems and security vulnerabilities. This means using all available resources to prioritize what's best for the business.
Threat Hunting, A Methodology:
1) Grab a PCAP anywhere on your network
2) WTF is that?
3) That can't be right
4) Who would do that?
5) It's the dumbest thing
6) Where is this asshole program sending this traffic?
7) It's your core business app
8) It's working as intended
Repeat
@DaveSec3 @Valcan_K @Recon_InfoSec@CactusCon@barnabyskeggs Familiarity with Kolide, OSQuery and Moloch may be helpful but not necessary. Don't hunt for the next flag, think about the full scope of the incident and take notes. Note taking is essential - often we'd be able to answer future questions from our notes when first investigating.
@DaveSec3 @Valcan_K @Recon_InfoSec@CactusCon My experience was @ Defcon 26 so ymmv, may have changed. When @barnabyskeggs and I were competing, there were some memory dumps that required analysis. Using Volatility on the SIFT workstation provided by SANS was great for this. IIRC everything else was in a browser.
Every Monday I put out a newsletter and podcast called Unsupervised Learning, which is a quick glance at the security, technology, and human news from the previous week.
I just released episode 201 and you can check it out here! #infosec#podcast
https://t.co/iyf6iPLZjB
Since launching our 24x7x365 SOC as a service almost two years ago we’ve achieved:
✅ +90 net promoter score
✅ 95% analyst retention rate
How? 🤔
Habits. Seven, in fact — that we believe help us “SOC” the right way at @expel_io. #7dailyhabits
https://t.co/Cp4738BOyc
Created multiple ATT&CK Navigator layers and a DeTT&CT group YAML file for @CrowdStrike's 2019 Mid-Year OverWatch Report.
Navigator layers: https://t.co/96AB686N66
Group YAML file: https://t.co/GtLDgdY3Mn
#BlueTeam#CTI