7MS #531: Interview with Christopher Fielder and Eugene Grant of Arctic Wolf

Today we're joined by some of our friends at Arctic Wolf - Eugene Grant and Christopher Fielder - to talk about compliance. Now hold on - don't leave yet! I know for many folks, compliance makes them want to bleach their eyeballs. But compliance is super important - especially because it is not the same as being secure. So we discuss the differences between security and compliance, and practical work we can do to actually be more compliant and secure, including:

  • Knowing what you have (assets, installed software, etc.) - Rumble is a cheap/free way to find out!
  • Creating core policies and procedures that you will actually follow
  • Learning about security frameworks that will help you build a security program from scratch
  • Preparing for your first (or next) pentest. Tools like PingCastle and BloodHound can help find hacker low-hanging fruit!
  • Knowing where your crown jewels are - be that data, a database, a key system, etc.
  • Writing critical documentation - especially backup/restore procedures.
  • Forming a security "dream team" to help drive your program
  • Asking the right security maturity questions at your next job interview (so you don't get hired into a dumpster fire!)

P.S. this is Christopher's sixth time on the program. Be sure to check out his first, second, third, fourth and fifth interviews with 7MS.

Episodes (688)

7MS #24: Why Wireless Scares Me (audio)

This episode is all about why you should (probably not) use wireless hotspots, and keeping yourself safe in general when surfing the Web. Download: 7MS #24: Why Wireless Scares Me (audio)

16 Aug 2014, 7 min

7MS #23: OSCP – part 2 (audio)

In this episode I talk more about my adventures with OSCP and Offensive Security! Download: 7MS #23: OSCP – part 2 (audio) Show notes: I recommend documenting ALL the exercises in the PDF. My understanding is that extra effort could be rewarded if you don’t do so hot on your final exam. Buffer overflows make…

9 Aug 2014, 7 min

7MS #22: Phishing with Black Squirrel (audio)

In this episode I talk about using Black Squirrel to launch phishing campaigns! Download: 7MS #22: Phishing with Black Squirrel (audio) Show notes: Security Weekly is an excellent podcast/resource. Devour it regularly. Black Squirrel is the main tool discussed in this podcast. I’ve been using it for phishing campaigns and it’s been excellent in that capacity.

27 Jul 2014, 7 min

7MS #21: OSCP – part 1 (audio)

In this episode I talk about my venture into Offensive Security! Download: 7MS #21: OSCP – part 1 (audio) Show notes: It’s official – I have a death wish and have started the OSCP training. This episode is the first of what I hope will be a multi-part, spoiler-free series about my experience with OSCP. With…

20 Jul 2014, 7 min

7MS #20: Moving from GoDaddy to DNSimple (audio)

In this episode I talk about why I’m pulling my domains from GoDaddy, and making DNSimple their new home. Download: 7MS #20: Moving from GoDaddy to DNSimple (audio) Show notes: The service I’m talking about in this podcast is DNSimple. Troy Hunt’s humorous/awesome article pushed me over the edge and convinced me to give DNSimple a…

15 Jul 2014, 7 min

7MS #19: Kioptrix! (audio)

In this episode I talk about a deliciously vulnerable series of VMs called Kioptrix, and how you can use them to sharpen your pentesting skills. Download: 7MS #19: Kioptrix! (audio) Show notes: The Kioptrix series of VMs is here: http://www.kioptrix.com/blog/test-page/ and here: http://vulnhub.com/?q=kioptrix&sort=date-des&type=vm. Got approved for my OSCP training and I start it in a few…

5 Jul 2014, 7 min

7MS #18: Wireless Security 101 (audio)

In this episode I talk about some wireless security basics that we’re not seeing when out on assessments. Download: 7MS #18: Wireless Security 101 (audio) Show notes: WEP encryption is very, very bad. It’s easy to crack. Don’t use it. Wifite will demonstrate how easy it is to crack WEP. Stronger encryption such as WPA/WPA2…

22 Jun 2014, 7 min

7MS #17: How to Pass the Certified Ethical Hacker Exam (audio)

In this episode I share my experience with EC-Council’s Certified Ethical Hacker training and exam. Download: 7MS #17: How to Pass the Certified Ethical Hacker Exam (audio) Show notes: Here’s info on the CEH training and test outline. I took my CEH training through UFairfax with instructor Leo Dregier. See this post I wrote that…

14 Jun 2014, 7 min
