Jan 27, 2021

SANS Faculty Free Tools

SANS instructors have built more than 150 open-source tools that support our work to implement better security. Below is the link to the list of free tools.

https://blog.deurainfosec.com/sans-faculty-free-tools/

Jan 26, 2021

Moving Operations to the Cloud

Watched a video on YouTube about "Moving Operations to the Cloud" at
https://www.youtube.com/watch?v=wzAymfsUFBk by Ryan (SANS instructor).

This talk is about some of the nuances that the cloud brings to any organization transitioning from on-premises infrastructure to an IaaS cloud environment. It provides better preparation for defending cloud-hosted applications and services.

Ryan on GitHub: ryananicholson

Jan 21, 2021

Think In Graphs

Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win.

~ John Lambert, Microsoft

Jan 20, 2021

Webinar: Responding to a Cybersecurity Incident in the New Reality

This is an interesting webinar that covers incident response in the "new reality": cloud workloads and workstations that work from anywhere.

We may be familiar with the current incident response process for the data center, but what about the cloud and those who work from home?

The webinar walks us through the typical Cyber Kill Chain and the corresponding protections, including how EDR and the cloud can help in incident response. Based on the statistics presented:

  • Attackers stay undetected in a network for an average of 200 days.
  • Recovery takes around 80 days. This includes identification, containment, investigation, eradication, recovery, and making sure it does not happen again.

Microsoft Defender Security Center solutions:

  1. Use the cloud to replace the on-premises SIEM and cover the full infrastructure.
  2. Use machine learning and behavioral analytics to speed up detection.
  3. Incident management, timeline and detailed analysis, vulnerability management, threat intelligence and advanced hunting.

Demos:

  • Cyber Kill Chain
  • USB Cactus in Action
  • EXE Attack
  • Microsoft Defender For Endpoint
  • Advanced Hunting

Jan 19, 2021

Webinar: Total Security with Surface Endpoint

This is a one-hour webinar that focuses on securing endpoints (from the chip level to cloud management).

Total Security for Endpoint:

  1. UEFI with TPM 2.0
  2. SEMM
  3. Secure Boot
  4. BitLocker
  5. MDM UEFI management
  6. Windows Hello
  7. Advanced Windows Security Features
  8. Conditional access
  9. Windows Update for Business
  10. Microsoft Defender ATP
  11. Intune Wipe and Retire