Josh Johnson

Cyber Defense Author & Instructor @SANSInstitute - SEC450/LDR551 | https://t.co/6NusGJa7bk

almost 5 years ago

@cyb3rops @SecHubb Yes! This is the perfect way to watch for the downgrade while working to get the old version disabled. Make sure those audit policies/sysmon are giving you the data needed. Then the Sigma rules can even be converted to PowerShell queries if the logs aren’t centralized in the SIEM

0

1

0

Who to follow

John Hubbard

@SecHubb

Dr. Anton Chuvakin

@anton_chuvakin

Information security - #SIEM, #DFIR, #EDR formerly at Gartner! Now @GoogleCloud Office of the #CISO; host of @CloudSecPodcast https://t.co/VpKtfz8nXG

Stephen Sims

@Steph3nSims

almost 5 years ago

Thanks for the shout out, John! I had no idea what I was signing up for when agreeing to build 586, but it’s all been worth it hearing how it is helping fellow blue teamers automate as much as possible

John Hubbard @SecHubb

almost 5 years ago

Auditing SEC586, our new #PowerShell Defense Automation course from @jcjohnson34. Picking up some epic ideas! Ex: Day 1 lab, pulling folder of ADS info to find a Ref/URL files were downloaded from, super cool!! Btw, 25% beta price NEXT RUN ONLY! https://t.co/Brnmj0m7VO #infosec

SecHubb's tweet photo. Auditing SEC586, our new #PowerShell Defense Automation course from @jcjohnson34. Picking up some epic ideas! Ex: Day 1 lab, pulling folder of ADS info to find a Ref/URL files were downloaded from, super cool!! Btw, 25% beta price NEXT RUN ONLY! https://t.co/Brnmj0m7VO #infosec https://t.co/prA7WhjRrl

0

24

11

3

0

2

1

0

jcjohnson34 retweeted

Ismael Valenzuela

@aboutsecurity

about 5 years ago

Join us on any of the upcoming classes taught by @eric_conrad @SecurityMapper @jcjohnson34 @Greg_Scheidel or myself and learn how to design and engineering practical #ZeroTrust architectures.

1

6

1

0

almost 6 years ago

Very cool use case that I had not considered. My own results were... interesting. Thanks for sharing this, Wes!

0

1

0

jcjohnson34 retweeted

almost 6 years ago

Join us at SANS #CyberDefenseForum for in-depth talks from leading #cybersecurity practitioners. You'll learn to fortify your organization's defenses using innovative prevention and detection techniques. Register now for FREE: https://t.co/T7ejjQt9UG #CyberDefense #BlueTeam

SANSDefense's tweet photo. Join us at SANS #CyberDefenseForum for in-depth talks from leading #cybersecurity practitioners. You'll learn to fortify your organization's defenses using innovative prevention and detection techniques.

Register now for FREE: https://t.co/T7ejjQt9UG

#CyberDefense #BlueTeam https://t.co/GeftTr6Vfb

0

6

11

1

0

jcjohnson34 retweeted

almost 6 years ago

Join us for this FREE SANS #CyberDefenseForum on Oct 9! Hear in-depth #BlueTeam and #CyberDefense talks by leading #cybersecurity practitioners and connect with the wider cyber defense community via virtual chat rooms. | Live Online | Register now: https://t.co/T7ejjQt9UG

SANSDefense's tweet photo. Join us for this FREE SANS #CyberDefenseForum on Oct 9! Hear in-depth #BlueTeam and #CyberDefense talks by leading #cybersecurity practitioners and connect with the wider cyber defense community via virtual chat rooms. | Live Online | Register now: https://t.co/T7ejjQt9UG https://t.co/wpN2AUc5TQ

0

74

64

21

0

almost 6 years ago

@ClueAx @aboutsecurity Awesome, congrats!

0

1

0

jcjohnson34 retweeted

almost 6 years ago

Huge News! First-ever #SANSCyberCamp for Teens is open for registration! This free camp starts 8/11 at 1pm EDT, presented by @lee_whitfield @337Forensics & @SANSInstitute Please share w/ teens interested in getting into #cybersecurity and learn more at https://t.co/xFSZLZxFap

SANSInstitute's tweet photo. Huge News! First-ever #SANSCyberCamp for Teens is open for registration! This free camp starts 8/11 at 1pm EDT, presented by @lee_whitfield @337Forensics & @SANSInstitute

Please share w/ teens interested in getting into #cybersecurity and learn more at https://t.co/xFSZLZxFap https://t.co/cUrphZjyX2

10

161

154

11

0

about 6 years ago

So honored to join this list. I can't say thank you enough to everyone who has helped me along the way including the great faculty and staff at @SANS_EDU! Wouldn't be here without so many mentors, and I'll do my best to pay it forward

@SANS_EDU @SANS_EDU

about 6 years ago

Congratulations to Josh Johnson (@jcjohnson34) for joining the ranks of https://t.co/sZPwRF5S8z master's degree graduates — including @eric_conrad, @MarkBaggett, @jamestarala & @0sm0s1z (Matthew Toussain) — who have become SANS Certified Instructors. What an achievement! 👏👏👏

2

26

3

0

1

14

0

jcjohnson34 retweeted

about 6 years ago

In-depth #cybersecurity training through #SANSLiveOnline events. #SEC530 Instructor-Led Training | May 11 | May 27 | June 15 | Full time 1-week and part time 6-week formats available View more info here: https://t.co/NXDZruXemA @aboutsecurity @ryananicholson @jcjohnson34

SANSDefense's tweet photo. In-depth #cybersecurity training through #SANSLiveOnline events.

#SEC530 Instructor-Led Training | May 11 | May 27 | June 15 | Full time 1-week and part time 6-week formats available

View more info here: https://t.co/NXDZruXemA

@aboutsecurity @ryananicholson @jcjohnson34 https://t.co/NHVMlN6eNr

0

6

4

0

jcjohnson34 retweeted

about 6 years ago

#SANSSecWest 2020 via #SANSLiveOnline features many #CyberDefense courses, including: #SEC450 w/ @SecHubb #SEC501 w/ @Steph3nSims #SEC505 w/ @JasonFossen #SEC530 w/ @jcjohnson34 plus mini #NetWars We’ll see you online next week! View event agenda: https://t.co/HZZdAicPw9

SANSDefense's tweet photo. #SANSSecWest 2020 via #SANSLiveOnline features many #CyberDefense courses, including:

#SEC450 w/ @SecHubb
#SEC501 w/ @Steph3nSims
#SEC505 w/ @JasonFossen
#SEC530 w/ @jcjohnson34
plus mini #NetWars

We’ll see you online next week! View event agenda: https://t.co/HZZdAicPw9 https://t.co/1YVqNNISnc

0

4

3

0

jcjohnson34 retweeted

over 6 years ago

In response to the current COVID-19 pandemic, organizations worldwide are implementing work-from-home policies. Yet for many businesses, managing an entirely remote workforce is new. Here are some best practices for managing a remote work force: https://t.co/fXBcH6sI2B

0

26

4

0

jcjohnson34 retweeted

over 6 years ago

For the safety of our students, staff, and instructors, all SANS live events from now until June 1st have been modified. We have our Training Guarantee in place and are working on free resources to support the community. Full statement here: https://t.co/Fvkh0AE1vP

3

101

107

4

0

jcjohnson34 retweeted

over 7 years ago

NEW courses at #SANSBoston Spring 2019: #SEC530 - Defensible Security Architecture w/ @jcjohnson34 #FOR508 - Advanced Incident Response, Threat Hunting, and Digital Forensics w/ @eric_capuano #MGT512 - Security Leadership Essentials For Managers w/ @MenopN https://t.co/my5E3ineR3

SANSInstitute's tweet photo. NEW courses at #SANSBoston Spring 2019:
#SEC530 - Defensible Security Architecture w/ @jcjohnson34
#FOR508 - Advanced Incident Response, Threat Hunting, and Digital Forensics w/ @eric_capuano
#MGT512 - Security Leadership Essentials For Managers w/ @MenopN
https://t.co/my5E3ineR3 https://t.co/6N1WhiQKLf

0

3

2

0

jcjohnson34 retweeted

Ismael Valenzuela

@aboutsecurity

over 7 years ago

Check out the complete lineup for the new @SANSDefense #SEC530 “Defensible Security Architectures” offered at conferences, summits, community & simulcast, co-authored by @SecurityMapper @eric_conrad and myself, here https://t.co/iPyNrzz4rz #TrustNoOne #PerimeterIsDead #ZeroTrust

aboutsecurity's tweet photo. Check out the complete lineup for the new @SANSDefense #SEC530 “Defensible Security Architectures” offered at conferences, summits, community & simulcast, co-authored by @SecurityMapper @eric_conrad and myself, here https://t.co/iPyNrzz4rz #TrustNoOne #PerimeterIsDead #ZeroTrust https://t.co/bCyk1WbCtR

2

32

9

0

jcjohnson34 retweeted