Leadership

Organisational Approach to Technology and Security

How an organisation approaches the challenge of technology and security management is the difference between leveraging technology to deliver value efficiently and effectively, and accumulating technical debt and inefficient deployments of technology which may hinder the organisation in its pursuit of its mission.

When we consider how technology is managed, we need to look at it from multiple viewpoints with different views:

Read more “Organisational Approach to Technology and Security”

Guides

What to do when you think you are being…

Planning is key but you can also respond

Recently I was helping a friend out when they were being targeted by a criminal online. I thought I’d put some notes down to try and help people. This isn’t a “how to”; it’s more like thoughts and ideas. It’s UK centric, but probably works in lots of places.

One thing to note: preparation is greater than response. The more prepared you are, the less vulnerable you may be; the more prepared, the smaller the attack surface.

You may, for a variety of reasons, come under heightened threat from an internet perspective. The information on here is not a catch-all or a detailed guide to personal security (PERSEC) and operational security (OPSEC).

Read more “What to do when you think you are being targeted in cyberspace”

Leadership

mRr3b00t’s little blog about the Cyberz and getting into…

Where to start!

Everyone loves talking about how to get into Cyber! It’s like the cliché thing to talk about! Hell, there are people who have been in jobs for minutes writing guides. It’s odd… My advice: gardening! Seriously, you will see the outside, will learn skills that are useful and keep physically fit! Wait, you still want to cyber? You sure? Ok, there are some super awesome fun parts of cyber, not going to lie, it sounds super cool! What do you do? I’m a CYBER! See, cool AF!

Read more “mRr3b00t’s little blog about the Cyberz and getting into them!”
Education

When running Nessus is a good thing!

Oh that’s “just a Nessus scan” or that’s not a real pen test etc. is something that if you are in the infosec/cyber world for a few minutes you will probably hear.

It’s honestly a bit odd, some sort of way of diminishing something because a tool was used, which doesn’t really make a whole lot of sense given most activity involves using something that already exists (sure there are fields and scenarios where this isn’t true but I’m generalising).

So why are we as an industry obsessed with tools and obsessed with berating people for using them? It’s all rather odd.

It perhaps ties in with this Cyber Myth about penetration testing being the tool that’s good and useful in every scenario… I hate to break it to people, but it’s not the principles of security and it certainly isn’t the best/most appropriate “tool” in every scenario.

Read more “When running Nessus is a good thing!”

Leadership

Cyber Insurance: How would I decide to buy it…

Is Cyber Insurance right for you?

Wow a big question, right? I can’t answer this for you, obviously I’d recommend that you consider cyber insurance, however I’d also recommend that you:

  • Understand your business and its supply chain with regards to financials and linkages to cyber risk
  • Understand your current cyber asset, threat, vulnerability and therefore risk landscape
  • Ensure you have a good understanding to make informed decisions

I’m not going to write lots this evening on the subject, but I was reviewing a report and thought in line with some research that I started recently (but was side-tracked) and then have seen the report so purchased that instead! (Sometimes it’s easier to not do everything yourself right!)

Read more “Cyber Insurance: How would I decide to buy it or not?”
Education

Infrastructure Penetration Testing Realities

Penetration testing is just like being a cybercriminal, right?

Honestly, it feels weird writing this, however I feel there’s a real issue with penetration testing and some myths that (for understandable and obvious reasons) exist in some people’s minds. So I’ve taken to trying to explain to people what an external penetration test actually entails in the real world of business. So here goes!

Read more “Infrastructure Penetration Testing Realities”