Using SIEMs like QRadar or Splunk to create highly personalized network visualization.
Watch more videos on my YouTube channel.
Archive for August, 2017
Stuck in Traffic – Containment
Posted byFrom manual to orchestrated, looking at containment in incident response.
Watch more videos on my YouTube channel.
Stuck in Traffic – IR Plans
Posted byIncident response planning? Make one tight repeatable loop for incident response, with a second set of threat-specific considerations.
Watch more videos on my YouTube channel.
Stuck in Traffic – PwnedPasswordsDLL
Posted byThe first thing hackers learn? Password cracking. And the first thing password crackers do? Try hashes from recent breaches. So it makes sense to prevent users from setting passwords to those found in, say, Troy Hunt’s list of 306 million. That’s been difficult to do. But I recently found PwnedPasswordsDLL, which adds a control to the password change process.
Checking for Breached Passwords in Active Directory
http://ift.tt/2w3uDNI
Watch more videos on my YouTube channel.
Stuck in Traffic – Security and the Board of Directors
Posted byhttps://youtu.be/CqTiAc7Rl3w
Using investor relations and the annual report to the board of directors in CyberSecurity planning.
Watch more videos on my YouTube channel.
Stuck in Traffic – Incident Response Communication
Posted byCampfire tales of the bad guys compromising phones, email, and instant messaging during security incidents.
Watch more videos on my YouTube channel.
Stuck in Traffic – Personal Mobile Device
Posted bySecuring mobile devices while setting the stage for conversations on securing the enterprise IT.
Watch more videos on my YouTube channel.
Stuck in Traffic – Nationwide Insurance and 1000-Days
Posted byWe all get excited and respond to 0-Day vulnerabilities. But what about vulns with patches that have been out for 3-years? As Nationwide Insurance found when they were breached, an unpatched is just as risky as unpatchable.
Watch more videos on my YouTube channel.
Stuck in Traffic – Verizon and the S3 Bucket
Posted byAmazon Simple Storage Service (Amazon S3) is an easy way for apps to store data in the cloud. Too easy. And not only easy to use, but also, easy to misconfigure. Verizon learned this the hard way when a third-party’s S3 bucket was found left open, resulting in a breach of six million subscribers. (Pro-tip: use scripts like Bucket Finder to check for open S3 instances.)
Watch more videos on my YouTube channel.
Stuck in Traffic – Three Basics of DNS Network Security
Posted byOldies but goodies. Three ways DNS can be abused, and three counters for protection.
Watch more videos on my YouTube channel.