HCS ▋ @superruserr@infosec.exchange
- Gitlab
- gitlab.com/hcs0
- twitter.com/superruserr
- Github
- github.com/hcs0
#Software #InfoSec #Networks | Work in security - threat hunting, defence, siem/log management, osint, dns, domain. Own opinions here. | DE: @toot.berlin/@superruserr | FR: @mamot.fr/@superruserr | Header image by @ovid
Joined Jan 2018
Pinned toot
rest of 2020 goals in mind: 📆
Pivot at the current place
Take on board another project
Actually contribute to an open source project (now that, I'm no longer involved with open source / community software)
Contribute into an online course
Pick up a whole new skill
Keep up my blog entries on hannahsuarez.me
Continue to apply and send Cfp/talk submissions
Continue on with this ruleset submissions that has been on my mind
Pinned toot
Who moved my DNS cheese? BIND 9 DNS Log Collection and DNS Auditing https://hannahsuarez.github.io/2020/who-moved-my-cheese-dns-linux/
Looking into other cloud DNS infrastructure for a potential series. What provider do you use?
I spent the weekend going through Cybrary #CISA video lectures for the first time.
Tonight I did the 2 hour practice test in 40 min and bombed it, then the 3 hour practice test (complete in 1 hour) for the first time and got 65% right (70% is the pass rate for the exam).
Hack-A-Sat is back.
https://www.hackasat.com/
New job going well on first week: rolled out a new system for the ISO27001 and TISAX certification, a handful of new policies worked on and participated in drafting and compiling materials for an important pitch, all in the space of four days.
Also helping with hiring someone to join the team!
Has anyone gone through the "working student" phase (it's a Germany thing, not sure about other countries) in IT security?
What items worked out for you in selecting a role to apply for? Any tips or ideas during your time at a company?
To give an idea: I haven't gone through this ever as I only study FT, did work about a year before moving to more sec focused work.
I should probably mention that in line with the new job, I will also be sitting in 2-3 certification exams this year also.
What's your plan for the next 8 months?
Former Netflix Executive Convicted Of Receiving Bribes And Kickbacks From Companies Contracting With Netflix
> The agreement led to over $300,000 in payments by Netflix, approved by Kail, to Sumo Logic. Kail then approved a further $800,000 two-year contract with Sumo Logic, despite his IT team feedback about the product underperforming.
Fedimind: Resources to learn more about German Mittelstand (most notable around IT-sicherheit, datenschutz, etc)
Chris Brenton from Active Countermeasures is conducting another free, one-day, Cyber Threat Hunting Training online course
In this free, one-day (6-hours) course, we will cover how to leverage network and host data to perform a cyber threat hunt.
The focus will be on processes and techniques that can be used to protect:
- Desktops
- Servers
- Network gear
- IIoT
- BYOD system
https://register.gotowebinar.com/register/3774364347131211021?source=BHIStweet
Maybe @fallenhitokiri and @galaxis knows (trying to gauge how do-able it is, or if it's something that can be covered if I have OK German skills and would need a translator for the longer German sentences...).
Quick #infosec #german question: If you are working with an org for certification process (ISO 27001, TISAX und TPN) would it be a disadvantage to the org to get it done as an English speaker (aka what is the req you need native German skills).
Ex, ISACA Germany Chapter e.V. is implementation guidelines in English
Cybersecurity | Interviewing A Cybersecurity Recruiter https://www.youtube.com/watch?v=zRpIv7aX2S0
Nice! Pluralsight Skills free for the month of April https://www.pluralsight.com/offer/2021/free-april-business
The March Roundup by Wild West Hackin' Fest: Blue Team w/ Wolfgang Goerlich (5-Hours)
Thu, Mar 25, 2021 5:00 PM - 10:00 PM CET
Agenda and learn more about the speakers here: https://wildwesthackinfest.com/the-roundup-blue-team
Currently today:
A day of webinars focused on Cyber Threat Intelligence #CTI
https://www.eventbrite.fr/e/ctips-online-conference-tickets-143860660107?keep_tld=1
Register free or login https://www.infosecurity-magazine.com/online-summits/spring-2021-emea-edition/
The InfosecurityMag EMEA Spring Online Summit 2021 happening today
Wow, just found out that one of my previous coworkers who was also part of the laid off cohort is now working at Dragos.
Great to see people being able to move forwards.
Join MITRE ATT&CK experts as they address the results of a new ATT&CK industry report plus reveal the new MITRE ATT&CK Defender
https://www.cybersecurity-insiders.com/webinar/the-state-of-mitre-attack-threat-defense/
The F-Secure Corporation Lab Attack Detection Fundamentals series is back for 2021. The workshops will cover macOS, AWS and Azure, and Windows.
https://www.f-secure.com/gb-en/consulting/events/attack-detection-fundamentals-workshops-2021
Free registration, and I think that the material will be available in the blog after, like last year (ex https://labs.f-secure.com/blog/attack-detection-fundamentals-initial-access-lab-1 )
#security #security #informationsecurity #infosec #azure #aws #macos #redteam #detection #blueteam
A day of webinars focused on Cyber Threat Intelligence
Register free and read the agenda at https://www.eventbrite.co.uk/e/ctips-online-conference-tickets-143860660107
Make sure to keep March 24 free in your calendar!
Purple Team Summit & Training 2021
May 24-25
Register for the free summit
Agenda: https://www.sans.org/event/purple-team-summit-2021/summit-agenda
- Gitlab
- gitlab.com/hcs0
- twitter.com/superruserr
- Github
- github.com/hcs0
#Software #InfoSec #Networks | Work in security - threat hunting, defence, siem/log management, osint, dns, domain. Own opinions here. | DE: @toot.berlin/@superruserr | FR: @mamot.fr/@superruserr | Header image by @ovid
Joined Jan 2018
