7MS #285: The Quest for Critical Security Controls - Part 2
7 Minute Security9 Nov 2017

7MS #285: The Quest for Critical Security Controls - Part 2

Nothing to do with security, but I've heard this song way too much this week.

I love the CIS Controls but it seems like there isn't a real good hands-on implementation guide out there. Hrmm...maybe it's time to create one? Speaking of that, check out the MacMon project and chat with us about it via Slack.

After hearing rave reviews about Fingbox (not a sponsor), I picked one up (~$120) and wow, I'm impressed! It's got a lot of neat features that home users and SMBs would like as it related to mapping to CSC #1:

  • Ability to map network devices to users to create an inventory
  • Email alerts for new devices that pop up on the network
  • Block unwanted users from the app, even when not directly connected to the LAN
  • Nice set of troubleshooting tools, such as wifi throughput test, Internet speed test, and port scanning of LAN/WAN devices

More on today's show...

Episoder(720)

7MS #648: First Impressions of Level.io

7MS #648: First Impressions of Level.io

Hey friends, today I'm sharing my first (and non-sponsored) impressions of Level.io, a cool tool for managing Windows, Mac and Linux endpoints. It fits a nice little niche in our pentest dropbox deplo...

1 Nov 202440min

7MS #647: How to Succeed in Business Without Really Crying – Part 19

7MS #647: How to Succeed in Business Without Really Crying – Part 19

Today we're talkin' business – specifically how to make your report delivery meetings calm, cool and collect (both for you and the client!).

25 Okt 202422min

7MS #646: Baby's First Incident Response with Velociraptor

7MS #646: Baby's First Incident Response with Velociraptor

Hey friends, today I'm putting my blue hat on and dipping my toes in incident response by way of playing with Velociraptor, a very cool (and free!) tool to find evil in your environment. Perhaps even...

18 Okt 202416min

7MS #645: How to Succeed in Business Without Really Crying - Part 18

7MS #645: How to Succeed in Business Without Really Crying - Part 18

Today I do a short travelogue about my trip to Washington, geek out about some cool training I did with Velociraptor, ponder drowning myself in blue team knowledge with XINTRA LABS, and share some tho...

14 Okt 202431min

7MS #644: Tales of Pentest Pwnage – Part 64

7MS #644: Tales of Pentest Pwnage – Part 64

Hey! I'm speaking in Wanatchee, Washington next week at the NCESD conference about 7 ways to panic a pentester! Today's tale of pentest pwnage is a great reminder to enumerate, enumerate, enumerate!...

4 Okt 202441min

7MS #643: DIY Pentest Dropbox Tips – Part 11

7MS #643: DIY Pentest Dropbox Tips – Part 11

Today we continue where we left off in episode 641, but this time talking about how to automatically deploy and install a Ubuntu-based dropbox!  I also share some love for exegol as an all-in-one Acti...

27 Sep 202426min

7MS #642: Interview with Ron Cole of Immersive Labs

7MS #642: Interview with Ron Cole of Immersive Labs

Ron Cole of Immersive Labs joins us to talk pentest war stories, essential skills he learned while serving on a SOC, and the various pentest training and range platforms you can use to sharpen your se...

23 Sep 202442min

7MS #641: DIY Pentest Dropbox Tips – Part 10

7MS #641: DIY Pentest Dropbox Tips – Part 10

Today we're revisiting the fun world of automating pentest dropboxes using Proxmox, Ansible, Cursor and Level. Plus, a tease about how all this talk about automation is getting us excited for a long-...

13 Sep 202427min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden
aftenpodden-usa
forklart
popradet
stopp-verden
lydartikler-fra-aftenposten
fotballpodden-2
det-store-bildet
nokon-ma-ga
rss-gukild-johaug
hanna-de-heldige
dine-penger-pengeradet
rss-ness
rss-espen-lee-usensurert
aftenbla-bla
rss-dannet-uten-piano
e24-podden
grasoner-den-nye-kalde-krigen
frokostshowet-pa-p5