Welcome to another edition of our Weekly Rewind – where we summarize all our posts from the last week. The top stories this week were 3) “Teaching Kids to Hack on Father’s Day”, 2) “Creating REAL Threat Intel…with Evernote Slides from TakeDownCon Capital Area 2015”, and 1) “Monitor First – The Origin”. If you missed anything or happened to be offline, we hope you find this summary post useful as a quick reference. A la Schneier … you can also use this rewind post to talk about the security stories in the news that we haven’t covered remote-access.
Defending with Evernote Slides from SourceBoston 2015: Next up in getting my slides out from presentations I’ve done the past few months is a threat intel spin on using Evernote to defend the enterprise. Obviously, a true enterprise isn’t going to use Evernote in this way however the goal of the talk was to provide a reference framework that could be implemented in any Evernote-like tool that an enterprise may already have (e.g., SharePoint or OneNote). (continued here)
Teaching Kids to Hack on Father’s Day: A few weeks ago Martin McKeay put out a great post about his teenage son coming to him and asking “Dad, how can I learn to hack?” After a some Twitter “research” he pulled together a nice list of resources to get started. Some of my favorites included Hack This Site, Cybrary.it, Exploit Exercises, HacKid Conference, and PicoCTF. Anyway, given that it Father’s Day, this seemed like a good post reemphasize today. (continued here)
Creating REAL Threat Intel … with Evernote Slides from TakeDownCon Capital Area 2015: In this updated version of my threat intel framework presentation (using Evernote as a backend database) at TakeDownCon Capital Area, I have improved the organization and content flow and added an initial tag framework to help better organize data between Open Source feeds, a case management system, and an information sharing repository. Additionally, there are a few implementation examples. Thanks to the TakeDownCon crew for having me! (continued here)
Monitor First – The Origin: Late last year @taosecurity wrote an article that questioned spending resources on a “pen test and fix” cycle rather than monitoring for intruders that may already be in your networks. The last sentence of the post not only emphasized his theme well but also alluded to an article written by Bruce Schneier that originally stressed “monitoring first.” (continued here)
Hope everyone had a wonderful week! Have a great weekend!