To all the new people in security:
I want it to be easier for you than it was for "us".
I want you to feel welcome.
I want to be better than we were.
I want you to be better than we are.
Go forth and do great things.

What is a funny IT mistake that you made that others can learn from?
19 years ago I once swapped input and output files with the df command. Wiping evidence for a case.

First, I want to apologize to the @BSidesCleveland attendees.
I will not be presenting.
Second, we did not know about this in advance.
Finally, I will be giving my presentation online in the near future.
This situation sucks.

Warning signs of infosec disaster.
"8 characters is fine."
"No one wants to hack us."
"We are compliant."
"No one will find that API."
"Insurance will cover us."
"If it ain't broke, don't fix it."
Yours?

Please do not pass judgement on a security control because it can be bypassed.
All controls have failure points.
The collection of multiple controls overlapping and supporting each other is true defense in depth.

Guys, as in males, please f-!ng wash your hands after using the restroom. Everyone, can we all agree that it is socially acceptable to call out and ask people to wash their hands if they look like they are trying to skip out?

Quotes that indicate a security program is in trouble.
"We spend $$$$$ on security!"
"We log X petabytes a day!"
"Our EDR would catch that!"
"We have a SIEM!"
"Our CIO is a CISSP!"
"We know Kali!"
"We have a policy for that!"
What's yours?

Folks, I am teaching my next Pay What You Can class next week. It is SOC Core Skills.
Please share with someone who is trying to get into security.
antisyphontraining.com/soc-core-skill…
Thanks!