To anyone in , it's a known fact that we need to constantly read up on the latest TTPs that attackers use to protect against them, but it's equally important to offensive-focused folks (pentesters, red teamers, etc.) to do the same. I have been lazy and lost my relatively good ranking on TryHackMe because I wasn't keeping up. I will now find the time to rectify this issue. Remember, is a field where everything moves quick, so best to try to keep up.

To all my friends, a modified blessing for you all:

May your alerts be few and your incidents be minor for the rest of your days.

Happy New Year everyone. Let's try to do better for ourselves and everyone around us in 2021, okay? This whole isolation stuff is starting to get old, and I'm not just talking about lockdowns and such. Stay healthy, stay sane, and stay happy.

So if someone made a podcast about security that's aimed at the C-Level, would you listen to it? Not the usual deep, technical, jargon but rather aimed at executives. No news, just best practices.

Please boost for maximum coverage.

I was a software developer for 15 years, and a damn good one at that. I didn't write papers, I didn't speak at conferences, and I didn't need to get validation from my peers to get a job. I did good work and could prove my worth with my passion. Shouldn't that suffice in as well?

I see us being nothing more than a high school in terms of maturity as an industry. We have our cliques and such, and it sucks.

Show thread

It's funny what goes through my mind when I'm trying to take a break from things.

Possible rant, so bear with me. When I first started in , I was in awe of all the wonderful, smart, talented folks out there. So many followers on Twitter, such advice being dispensed, and speaking at so many cons, how could I not be in awe?!

As I've come to realize, a majority of them are not that great. There are a few that are, but most are not. Those that are acknowledge their faults.

Successfully completed my gamified tabletop workshop today. Timing was on point, and the message was well received. It felt good. Looks like I may need to start blogging again for EliteSec to start sharing the message to the masses, since I think the old echo chamber is getting crowded and I apparently lack enough "clout" to be heard. Whatever, you're not my audience anyway.

Selfish self-promotion, but for anyone who wants to learn how to run gamified tabletops, I'm running a 2 day session on making your own on the 20th and 21st of August. Sign-up at the Tactical Edge website here:

tacticaledge.co/en/tabletop.ht

Alright, I tried this on Twitter and it failed, so let's see if it works here.

I'm looking for a to help me with EliteSec, specifically around marketing and lead gen. This is my first startup, but I'm not new to the culture, just running it. It's an consultancy but I'll admit that I've been a corporate shill for 20+ years now and I don't want that anymore.

Please boost for exposure.

Incorporation is complete, I can start making noise about elitesec.io

For those who are looking for or just help, make sure to consider us. We're based in Canada, but happy to help whomever we can reach. Many thanks!

Much like Twitter, I have changed my blog's look! Unlike Twitter, I think this one looks better! :-) But seriously, WTF Twitter?! I liked the old web interface a lot more. Oh well, I like the Fediverse much more in general, so they're just helping re-enforce that with me.

infosecjohn.blog/posts/a_new_l

Question for my peers:

What's a good ratio of security people to the rest of the staff for a company?

By the gods it happened again! Many thanks to @tinker for joining me for another set of stories! Oh, and I finally got to hear how he managed to get that DC that we were all curious about. ;-)

Good morning world. What questions drive you today? What is the answer you are looking for? Me? I'm brushing up on my offensive fundamentals because I'm feeling unworthy and rusty.

The latest Purple Squad Security podcast episode is here! Chris Foulon joins me for a fireside chat to talk about breaking into .

purplesquadsec.com/podcast/epi

So I stumbled across a nice site the other day, infosecindustry.com/

I encourage you to check it out, especially if you're looking for a starting place for things like <cough, cough> podcasts!

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.