7MS #256: AlienVault Certified System Engineer - Part 2
7 Minute Security, 4 May 2017

So a few weeks ago I did an episode about the AlienVault Certified Security Engineer certification, and last Friday I took a stab at the test.

I failed. It kicked my butt.

Today I'm here to both rant about the unfairness of the test and offer you some study tips so you don't suffer a similar fate.

P.S. - you should definitely check out this blog as it's one of the few valuable study guides I could find out there on the Interwebs.

Episodes (686)

7MS #333: Pentesting Potatoes

This week I was in lovely Boise, Idaho doing some security assessment work. While I was there I got to hang out with Paul Wilch and some of the Project7 crew and picked up a lot of cool tools and tips I share in today's episode:

- The Badger Infosec group did a cool Rubber Ducky demo.
- Dan from DDSec did a demo of PlexTrac which is "the last cybersecurity reporting tool you will ever need." I'm actually going to use PlexTrac for my next few assessments and am working to line up a future interview with Dan to learn even more.
- Paul gave a demo of Parrot which is cool and Kali-like. However, when Paul and I did a side-by-side test with Kali, we noticed that Parrot kind of barfed when it set out to do an Eyewitness report.
- After meeting Paul's son, Simon, I'm optimistic about the future IT/security leaders in this country. There are some wicked-smart youth out there!
- Paul gave me a hotel keycard lockpick/shiv (his own creation!) and staged a few doors for me to try and bypass. He made it interesting when he promised to throat-punch me if I failed! Thankfully, I got off without any throat punches!

26 Oct 2018, 13 min

7MS #332: Low Hanging Hacker Fruit

In this episode I'm releasing a new document aimed to help organizations eliminate low hanging hacker fruit from the environment. The document contains (relatively) cheap and (relatively) easy things to implement. And my hope is it can be a living/breathing document that will bulk up over time. Got things to add to this list? Then please comment on the gist below!

17 Oct 2018, 8 min

7MS #331: How to Become a Packtpub Author - Part 3

It's done! It's done!! It's DONE!!! That's right mom, my PacktPub course called Mastering Kali Linux Network Scanning is done! In today's episode I:

- Recap the course authoring experience
- Explain my super anal retentive editing process that takes 4 hours for every 10 minutes of produced video
- Admit some last minute mistakes that about made me quit the whole project

With the holidays coming up, this course is a perfect gift for that IT or security person in your life :-). Buy them a copy - or 10!

Psst! I will soon be getting a handful of vouchers to the course that I can give away to podcast listeners. Interested in one? Ping me and I'll draw names from a virtual hat in a few weeks!

10 Oct 2018, 7 min

7MS #330: Interview with Nathan Hunstad of Code42

In today's episode, I'm excited to be joined in the studio by Nathan Hunstad, Director of Security at Code42. Nathan and I had a great chat about Code42's new security offering called Code42 Forensic File Search, which helps IT and security teams figure out where files are located across their enterprise - even if the endpoints are offline. This functionality lends itself to a number of interesting use cases and helps answer questions such as:

- "Does known malware have, or has it ever had, a foothold in our environment?"
- "Has a particular crypto-mining agent been installed on our employees’ computers? Who has it now?"
- "What endpoints have or had copies of our company’s most sensitive files?"
- "What files did an employee download or delete in the months before resigning?"
- "What non-sanctioned collaboration applications are present in our environment?"

After today's podcast, be sure to check out this great video of Nathan demonstrating the power of Code42 Forensic File Search live!

Also talked about in today's episode:

- Implementing host-based firewalls - here's a great blog and video on it

I want to thank Code42 for their support of the 7 Minute Security podcast. It's a pleasure to work together with them to help companies be more secure!

3 Oct 2018, 52 min

7MS #329: Active Directory Security 101

Today's episode is brought to you by my friends at Netwrix. Their amazing Netwrix Auditor tool gives you visibility into what’s happening both on your local network and cloud-based IT systems and tells you about critical changes, and when and where people have been accessing data. Give it a spin right in your browser here, and then try it in your environment free for 20 days! www.netwrix.com

Welcome! Today I'm kicking off a new miniseries all about the fundamentals of Active Directory security. Rather than try to pile all the info into show notes, I'm going to start pumping everything into a living/breathing GitHub gist so we're all on the same page as this miniseries develops further. So, please feel free to check out that gist here.

27 Sep 2018, 21 min

7MS #328: How to Succeed in Business Without Really Crying - Part 5

This episode is a cavalcade of fun! Why? First, I've got a big announcement: I've accepted a new position. "What?!" exclaimed my mom. "I thought you were president of 7MS, what the what?" No worries, it's business as usual, and my responsibilities at 7MS aren't changing. But I'm also going to start writing blogs, nurturing a Slack channel and producing a podcast for somebody else each week. Tune in to find out who! Oh, and I also conclude this episode with a song from my band, Sweet Surrender. A few years ago we wrote a goofy song to start our shows called Sound Check, and in this episode, I wanted to debut the sequel to that song...called MANDATORY ENCORE. Enjoy.

19 Sep 2018, 28 min

7MS #327: Interview with John Strand

Today's episode is brought to you by my friends at Netwrix. Their amazing Netwrix Auditor tool gives you visibility into what’s happening both on your local network and cloud-based IT systems and tells you about critical changes, and when and where people have been accessing data. Give it a spin right in your browser here, and then try it in your environment free for 20 days! www.netwrix.com

Well I'm geeking out big time because today I chatted with John Strand of Black Hills Information Security, SANS instructing, Security Weekly, Active Countermeasures, RITA and more. Some people think he looks like Wash from Serenity or Steve the Pirate from Dodgeball, and others get upset when they learn he's not John Strand the male model.

I've followed John and his team's work since I got started in security, and they've been a huge inspiration for what I do at 7MS. If you're not watching the BHIS Webcasts stop what you're doing and subscribe now! They're all full of practical, hands-on security advice - often complemented by tools that are totally free!

Anyway, enjoy today's interview where John and I talk about how to make pentesters' jobs harder, and why he'd rather be a security advisor to Katy Perry than Donald Trump.

13 Sep 2018, 46 min

7MS #326: Interview with Ryan Manship and Dave Dobrotka

Today's episode is brought to you by my friends at Dashlane, a fantastic password manager for you, your family and your business! Head to www.dashlane.com/7ms and use the code 7MS for 10% off a year of Dashlane Premium!

Today I'm super pumped to be joined by Ryan Manship of RedTeam Security and Dave Dobrotka of United HealthGroup. Both these guys lead red teams for a living and had a lot of great insight to share as it relates to:

- The definition of "red teaming" and where it overlaps, if at all, with pentesting
- Successfully running red team campaigns
- Defending against a red team campaign
- How to climb unclimbable walls
- Is antivirus any good at stopping attackers?
- The importance of 2FA and training your end-users
- How to fool the "This email originated outside your organization" email banners
- How to break into red teaming as a career
- How to successfully break into a casino (or not)

Other links and things mentioned in today's show:

- RedTeam Security's awesome YouTube video on breaking into the US power grid
- If you're a red teamer and in the Twin Cities area (or willing to drive a bit), you definitely want to sign up for ArcticCon coming up on October 23-24 at the Optum World Headquarters. Head to the link and sign up - if there are seats left!

Once you listen to today's episode, please let me know if you'd like Ryan and Dave to come back for another interview. We were thinking it would be a blast to talk about the details of planning a red team engagement!

6 Sep 2018, 1 h 33 min
