LIVE Topic: Blue Teaming w/Andrew Warham – from inside the HACKERverse


HACKERverse LIVE w/Andrew Warham – 20221202

Hosts:
Kim Crawley, https://www.linkedin.com/in/kimcrawley/
Craig Ellrod, https://www.linkedin.com/in/craigellrod/

Our illustrious Guest today:
Andrew Warham
https://www.linkedin.com/in/awarham/
Mastodon: @awarham@notlegit.net

#DARKweb
#DEEPweb
#HACKERculture
#HACKERverse
#MASTODON
#BLUEteam
#SOC
#SECURITYoperations

Andrew is a “Blue Teamer” in a SOC – Security Operations Center

EDR/XDR tools are just antivirus with new stuff tacked on…
Ransomware will happen; the best thing you can do is get an email gateway installed. It will stop the phishing and malware emails…

What are your favorite threat advisories that you follow? RSS and news feeds?
Where do you get your most up-to-date info on outbreaks?

Threat intel team internally …and…
SANS Internet Storm Center is at the top of his list – short, actionable, reasonable data

Kill Chain model?
Limitations: a vendor with a product: "we can cover MITRE" or "we cover all phases of the Kill Chain."
These are just frameworks, not a prescriptive model for how things work.
The Kill Chain is misleading; valuable, but misleading.
It is used falsely by marketing to give you a false sense of security.

If the lack of a thing can kill you, then it should not be bought or sold for profit…
Basic needs should be provided, not commoditized to where basic things like food and shelter are unaffordable, and only controlled by the rich.
We are moving even further into the society of ‘Haves’ and ‘Have Nots’.

Favorite charities:
Out of the Cold Community Association, Halifax – Kjipuktuk

Adsum for Women
https://adsumforwomen.org/

=====
How to build your own mastodon server using an AWS CloudFormation template:
https://github.com/widdix/mastodon-on-aws