A four step process for creating a defensible security architecture.
Watch more videos on my YouTube channel.
Archive for May, 2016
Stuck in Traffic – Responding to PowerShell
Posted byRed Team tools exist for PowerShell. Older ones, like PoshSec and PowerSploit, and newer ones like PowerShell Empire. Meantime, criminals weaponized PowerShell scripts with malware like PowerSniff and PowerWare. So in this talk, we discuss monitoring PowerShell and integrating it with incident response.
Watch more videos on my YouTube channel.
Stuck in Traffic – Locky and Having a fighting chance
Posted bySomeone infiltrated the Locky network and disabled the ransomeware. We’ve seen this happen before. Turns out, the criminals make as many mistakes as we do. And this means we have a fighting chance.
Watch more videos on my YouTube channel.
Stuck in Traffic – Encrypting Data Interchanges
Posted byIf data is the life blood of the organization, then data exchange is the steady heartbeat. Data in, data out (beat). Data in, data out (beat). And encryption protects that flow.
Watch more videos on my YouTube channel.
Stuck in Traffic – Tightening the Feedback Loop
Posted byPDCA, Plan-Do-Check-Act, is all fine and good. The trouble is delaying feedback. So here’s some ways to get implementation and assessment teams closer to tighten the feedback loop.
Watch more videos on my YouTube channel.
Stuck in Traffic – Don’t Play with CMS
Posted byContent management systems are an oft used system for criminals. A toy manufacturer provides a recent example, as their unpatched Joomla system was hijacked to distribute ransomeware with Angler.
Watch more videos on my YouTube channel.
Stuck in Traffic – Clearing Phishes
Posted byAfter last week’s video on phishing response metrics, a question came in. How does IT respond and clean up phishing emails?
Watch more videos on my YouTube channel.