Pinned toot

rest of 2020 goals in mind: 📆

:pika: Pivot at the current place

:pika: Take on board another project

:pika: Actually contribute to an open source project (now that, I'm no longer involved with open source / community software)

:pika: Contribute into an online course

:pika: Pick up a whole new skill

:pika: Keep up my blog entries on hannahsuarez.me

:pika: Continue to apply and send Cfp/talk submissions

:pika: Continue on with this ruleset submissions that has been on my mind

Pinned toot

Who moved my DNS cheese? BIND 9 DNS Log Collection and DNS Auditing hannahsuarez.github.io/2020/wh

Looking into other cloud DNS infrastructure for a potential series. What provider do you use?

I spent the weekend going through Cybrary video lectures for the first time.

Tonight I did the 2 hour practice test in 40 min and bombed it, then the 3 hour practice test (complete in 1 hour) for the first time and got 65% right (70% is the pass rate for the exam).

New job going well on first week: rolled out a new system for the ISO27001 and TISAX certification, a handful of new policies worked on and participated in drafting and compiling materials for an important pitch, all in the space of four days.

Also helping with hiring someone to join the team!

Has anyone gone through the "working student" phase (it's a Germany thing, not sure about other countries) in IT security?

What items worked out for you in selecting a role to apply for? Any tips or ideas during your time at a company?

To give an idea: I haven't gone through this ever as I only study FT, did work about a year before moving to more sec focused work.

I should probably mention that in line with the new job, I will also be sitting in 2-3 certification exams this year also.

What's your plan for the next 8 months?

Former Netflix Executive Convicted Of Receiving Bribes And Kickbacks From Companies Contracting With Netflix

> The agreement led to over $300,000 in payments by Netflix, approved by Kail, to Sumo Logic. Kail then approved a further $800,000 two-year contract with Sumo Logic, despite his IT team feedback about the product underperforming.

justice.gov/usao-ndca/pr/forme

Fedimind: Resources to learn more about German Mittelstand (most notable around IT-sicherheit, datenschutz, etc)

Chris Brenton from Active Countermeasures is conducting another free, one-day, Cyber Threat Hunting Training online course

In this free, one-day (6-hours) course, we will cover how to leverage network and host data to perform a cyber threat hunt.

The focus will be on processes and techniques that can be used to protect:
- Desktops
- Servers
- Network gear
- IIoT
- BYOD system

register.gotowebinar.com/regis

Maybe @fallenhitokiri and @galaxis knows (trying to gauge how do-able it is, or if it's something that can be covered if I have OK German skills and would need a translator for the longer German sentences...).

Show thread

Quick question: If you are working with an org for certification process (ISO 27001, TISAX und TPN) would it be a disadvantage to the org to get it done as an English speaker (aka what is the req you need native German skills).
Ex, ISACA Germany Chapter e.V. is implementation guidelines in English

The March Roundup by Wild West Hackin' Fest: Blue Team w/ Wolfgang Goerlich (5-Hours)

Thu, Mar 25, 2021 5:00 PM - 10:00 PM CET

Agenda and learn more about the speakers here: wildwesthackinfest.com/the-rou

Wow, just found out that one of my previous coworkers who was also part of the laid off cohort is now working at Dragos.

Great to see people being able to move forwards.

Join MITRE ATT&CK experts as they address the results of a new ATT&CK industry report plus reveal the new MITRE ATT&CK Defender

cybersecurity-insiders.com/web

The F-Secure Corporation Lab Attack Detection Fundamentals series is back for 2021. The workshops will cover macOS, AWS and Azure, and Windows.

f-secure.com/gb-en/consulting/

Free registration, and I think that the material will be available in the blog after, like last year (ex labs.f-secure.com/blog/attack- )

A day of webinars focused on Cyber Threat Intelligence

Register free and read the agenda at eventbrite.co.uk/e/ctips-onlin

Make sure to keep March 24 free in your calendar!

Show older
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.