7MS #464: Interview with Christopher Fielder of Arctic Wolf
7 Minute Security22 Apr 2021

7MS #464: Interview with Christopher Fielder of Arctic Wolf

Today our friend Christopher Fielder of Arctic Wolf joins us on the show again (check out his first appearance in episode #444 - this time to talk about the security journey, and how to start out in your "security diapers" and mature towards a stronger infosec program. Specifically, we talk about:

  • When the company has one person in charge of IT/security, how can you start taking security seriously without burning this person out? First, it's probably a good idea to take note of what you have as far as people, tools and technology to help you meet your security goals.

  • Early in this process, you should inventory what you have (see CIS controls) so you know what you need to protect. A few tools to help you get started:

  • As you go about any phase of your security journey, don't ever think "I'm good, I'm secure!"

  • Quarterly/yearly vulnerability scans just won't cut it in today's threat landscape - especially your external network. Consider scanning it nightly to catch show-stoppers like Hafnium early)

  • Limiting administrative privileges is SUPER important - but don't take our word for it, check out this report from Beyond Trust for some important stats like "...enforcing least privilege and removing admin rights eliminates 56% of critical Microsoft vulnerabilities."

  • Install LAPS, because if an attacker gets local admin access everywhere, that's in many ways just as good as Domain Admin!

  • Train your users on relevant security topics. Then train them again. Then....again. And after that? Again.

  • There are many ways to conduct tabletop exercises. They don't have to be crazy technical. Start with the internal tech teams, practice some scenarios and get everybody loosened up. Then add the executives to those meetings so that everybody is more at ease.

  • How do you know when it's time to ask for help from an outside security resource?

  • Not sure what kind of shape your company's security posture is in? Check out Arctic Wolf's free security maturity assessment.

Avsnitt(683)

7MS #628: How to Succeed in Business Without Really Crying – Part 17

7MS #628: How to Succeed in Business Without Really Crying – Part 17

Hey friends, today we talk about some not-so-glamorous but ever-so-important stuff related to running a cybersecurity consultancy, including: Taking an inventory of all the SaaS stuff your business uses – to keep an eye on spending, know when services are expiring, and track which credit card the services are tied to (so the services don’t almost get cancelled like some did with me!) Tracking domain names, and setting up your own automated rules to notify you well ahead of time when a domain is expiring (maybe that passion project is never gonna happen…time to let those old domains go 🙂 Making a spreadsheet of all important accounts and checking all the auth methods allowed for each account – to prevent attacks such as SIM-swapping

14 Juni 20249min

7MS #627: Migrating from vCenter to Proxmox – Part 2

7MS #627: Migrating from vCenter to Proxmox – Part 2

Hey friends, today we continue our series all about migrating from VMWare to the world Proxmox!  Specifically: Getting my first Proxmox-based NUCs out in the field for live engagements! Pulling the trigger on two bare-metal Proxmox servers to eventually replace my vCenter environment. OVHCloud made it super easy to to add Proxmox to those bare-metals with a simple wizard. I couldn’t figure out how to get a Proxmox VM as the main firewall for the whole Proxmox node, but it turns out it helps to RTFM. When getting a bare-metal OS/hypervisor installed, be careful in that the provider may leave the management ports of that host open to the whole world.  In OVH’s case, they have a software firewall that can be tuned so that, for example, only you can hit the management ports for the box. Getting VLANs setup is a snap once the virtual hardware stuff is in place.

10 Juni 202435min

7MS #626: Web Pentesting Pastiche

7MS #626: Web Pentesting Pastiche

Hey friends, today we’ve got a security milkshake episode about Web app pentesting. Specifically we talk about: Burp Suite Enterprise Caido – a lightweight alternative to Burp wfuzz – Web fuzzer.  Using a proxy:wfuzz -c -z file,/usr/share/wfuzz/wordlist/Injections/XSS.txt –sc 200 “https://somedomain.com/shopping?&qty=%2FUZZ” -p 10.0.7.11:8080 KNOXSS – for XSS testing – pairs nicely with this wrapper: https://github.com/xnl-h4ck3r/knoxnl In the tangent dept, I moan about how I hate some things about Proxmox but am also starting to love it. In the tangent #2 department, I talk about tinnitus and acupuncture!

31 Maj 202450min

7MS #625: A Peek into the 7MS Mail Bag - Part 4

7MS #625: A Peek into the 7MS Mail Bag - Part 4

Road trip time! I’ve been traveling this week doing some fun security projects, and thought all this highway time would be a perfect opportunity to take a dip into the 7MS mail bag!  Today’s questions include: How do you price internal network penetration tests? Have you ever had to deal with a difficult client situation, and how did you resolve it? Are you done going after certs?  Spoiler: no – I’m interested in doing the XINTRA labs (not sure if it includes a cert) Do you provide managed services or just stick with more “one and done” assessment work? You said the “smart business people” tell you to form reseller partnerships, otherwise you’re leaving money on the table – so why don’t you? I’m thinking of starting my own cybersecurity consultancy – what type of insurance do I need to protect me in case of a digital “oops?”

24 Maj 202444min

7MS #624: Tales of Pentest Pwnage – Part 57

7MS #624: Tales of Pentest Pwnage – Part 57

Today’s tale of pentest pwnage is all about my new favorite attack called SPN-less RBCD. We did a teaser episode last week that actually ended up being a full episode all about the attack, and even step by step commands to pull it off.  But I didn’t want today’s episode to just be “Hey friends, check out the YouTube version of this attack!” so I also cover: Our first first impressions of Burp Enterprise Why I have a real hard time believing you have to follow all these steps to install Kali on Proxmox

17 Maj 202429min

7MS #623: Prelude to a Tale of Pentest Pwnage

7MS #623: Prelude to a Tale of Pentest Pwnage

Today’s prelude to a tale of pentest pwnage talks about something called “spnless RBCD” (resource-based constrained delegation).  The show notes don't format well here in the podcast notes, so head to 7minsec.com to see the notes in all their glory.

10 Maj 202424min

7MS #622: Migrating from vCenter to Proxmox - Part 1

7MS #622: Migrating from vCenter to Proxmox - Part 1

Sadly, the Broadcom acquisition of VMWare has hit 7MinSec hard – we love running ESXi on our NUCs, but ESXi free is no longer available.  To add insult to injury, our vCenter lab at OVHcloud HQ got a huge price gouge (due to license cost increase; not OVH’s fault).  Now we’re exploring Proxmox as an alternative hypervisor, so we’re using today’s episode to kick off a series about the joys and pains of this migration process.

5 Maj 202416min

7MS #621: Eating the Security Dog Food - Part 6

7MS #621: Eating the Security Dog Food - Part 6

Today we revisit a series about eating the security dog food – in other words, practicing what we preach as security gurus!  Specifically we talk about: We’re going to get a third-party assessment on 7MinSec (the business) Tips for secure email backup/storage Limiting the retention of sensitive data you store in cloud places

26 Apr 202423min

Populärt inom Politik & nyheter

p3-krim
svd-dokumentara-berattelser-2
flashback-forever
rss-krimstad
olyckan-inifran
rss-vad-fan-hande
rss-viva-fotboll
aftonbladet-daily
rss-sanning-konsekvens
svenska-fall
krimmagasinet
fordomspodden
motiv
blenda-2
dagens-eko
rss-frandfors-horna
spar
svd-nyhetsartiklar
rss-expressen-dok
spotlight