7 Minute Security18 Touko 2017

7MS #258: Speaking at Secure360 - Part 2

Intro

I mentioned last week that I was speaking at the Secure360 conference here in the Twin Cities, and at that time I was preparing a talk called Pentesting 101: No Hoodie Required. I was so nervous that I've basically spent the last week breathing heavily into paper bags and wishing I was on sedatives.

But I have good news to report in today's episode, friends! The talk was very well received and the attendees didn't get out torches and pitchforks! #winning! So today's episode (audio below) talks more about the public speaking experiences and highlights some lessons learned:

Things I'd do again next time

I'd not tempt the demo gods and still pre-record my hacking movies ahead of time. I saw some people do live demos of very technical things and it did not go well for a few of them :-(
I would still spend way too many hours cutting together my movies in iMovie so that they followed a good tempo when presented live
I would still have a copy of my presentation on two different laptops, 3 USB thumb drives, a cloud copy, and a copy sent to the Secure 360 folks just in case. Backups, backups, backups - am I right?

What I'd do differently next time

I'd hopefully have the preso done a few days (weeks, even!) ahead of time and practice it in front of colleagues to get some feedback.
I'd still have a theme to the presentation, but rather than something specific like Terminator 2, maybe I'd go even more general and pick a movie/character that could appeal even more to the masses.
I wouldn't worry so much about having a presentation that "nails it" for everybody. That's just not possible! We're all coming from different backgrounds and skillsets. It's not gonna be a home run for everybody.

Kokeile Premiumia

Nauti 14 päivää ilmaiseksi

Tilaa Premium

Jaksot(701)

7MS #685: The Time My Neighbor Almost Got Scammed Out of $13K

Today's kind of a "story time with your friend Brian" episode: a tale of how my neighbor almost got scammed out of $13k. The story has a lot of red flags we can all keep in mind to keep ourselves (as well as kids/friends/parents/etc.) safer from these types of shenanigans.

25 Heinä 22min

7MS #684: Pwning Ninja Hacker Academy

Hey friends, today we start pwning Ninja Hacker Academy – cool CTF-style lab that has you start with no cred and try to conquer domain admin on two domains!

18 Heinä 22min

7MS #683: What I'm Working on This Week - Part 4

This week I'm working on a mixed bag of fun security and marketing things: A pentest I'm stuck on My latest lab CTF obsession: Ninja Hacker Academy A cool "about 7MinSec" marketing video that was recorded in a pro studio!

12 Heinä 30min

7MS #682: Securing Your Family During and After a Disaster – Part 7

Today's episode is a downer! We talk about things you might want to have buttoned up for when you are eventually not alive anymore: Living will Buried vs. cremated? Funeral plans Funeral PHOTOS? I also talk about how my dad broke his ribs while trying to break a chimpmunk, and how a freak 4-wheeler accident also had my ribs in agony.

4 Heinä 30min

7MS #681: Pentesting GOAD – Part 3

Today Joe "The Machine" Skeen and I pwn the third and final realm in the world of GOAD (Game of Active Directory): essos.local! The way we go about it is to do a WinRM connection to our previously-pwned Kingslanding domain, coerce authentication out of MEEREEN (the DC for essos.local) and then capture/abuse the TGT with Rubeus! Enjoy.

27 Kesä 18min

7MS #680: Tips for a Better Purple Team Experience

Today I share some tips on creating a better purple team experience for your customers, including: Setting up communication channels and cadence Giving a heads-up on highs/criticals during testing (not waiting until report time) Where appropriate, record videos of attacks to give them more context

20 Kesä 26min

7MS #679: Tales of Pentest Pwnage – Part 73

In today's tale of pentest pwnage I talk about a cool ADCS ESC3 attack – which I also did live on this week's Tuesday TOOLSday. I also talk about Exegol's licensing plans (and how it might break your pentest deployments if you use ProxmoxRox).

13 Kesä 30min

7MS #678: How to Succeed in Business Without Really Crying – Part 22

Today I share some tips on presenting a wide variety of content to a wide variety of audiences, including: Knowing your audience before you touch PowerPoint Understanding your presentation physical hookups and presentation surfaces A different way to screen-share via Teams that makes resolution/smoothness way better!

6 Kesä 33min

Kaikki yhdessä sovelluksessa

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi yhdessä paikassa.

Sinulle valikoitua sisältöä

Podme-sovelluksessa kokoat suosikkisi helposti omaan kirjastoosi. Saat meiltä myös kuuntelusuosituksia!

Jatka kuuntelua koska tahansa

Voit jatkaa siitä mihin jäit, myös offline-tilassa.

Premium

9,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa

Aloita 14 päivän kokeilu

Premium

13,99 €/kk

Kaikki premium-podcastit
Ei mainoksia
Ei sitoutumista, peruuta koska tahansa
Yksi lisäkäyttäjä

Kokeile 14 päivää maksutta

Suosittua kategoriassa Politiikka ja uutiset

rss-tasta-on-kyse-ivan-puopolo-verkkouutiset

rss-polikulaari-humanisti-vastaa-ja-muut-ts-podcastit

Tarinat ja äänet, joita rakastat kuunnella

Kuuntele kaikki suosikkipodcastisi ja -äänikirjasi

Lue lisää