PSWEpisode631

From Paul's Security Weekly
Revision as of 15:22, 16 December 2019 by Johnny (talk | contribs) (Hosts)

Recorded December 19, 2019 at G-Unit Studios in Rhode Island!

Introduction

In this episode, we kick things off with the Blue Team round table and discuss defensive techniques that actually work, and ones that don't. Then we will switch teams and transition to the state of penetration testing round table, where we'll discuss the evolution of penetration testing and how to get the most value from the different types of assessments. In our final segment, we welcome back long-time friend of the show Ed Skoudis to discuss this year's Counterhack Holiday Hack Challenge, a holiday tradition here at Security Weekly and one of the community's favorite hacking challenges. Stay tuned for all that and more on this episode of Paul's Security Weekly.

Episode Audio

Segment 1: Blue Team Tactics and Techniques

Introduction

Welcome to Paul's Security Weekly Blue Team Tactics and Techniques. First, a quick reminder for our audience to join the Security Weekly mailing list and subscribe to all of the shows on the network. You can do that by visiting securityweekly.com/subscribe. And now please don your blue team attire as the hosts and our special guests discuss how to best defend your organization from attacks, in the cybers, er, from cyber-attacks, maybe cyber security attacks, evil attackers? Something like that...

Description

It's often said that attackers need only to get it right once, whereas defenders have to be right all of the time. Those of us who have worked in a security role as a defender know we don't always get it right; in fact, there are often many exposures in our defenses. This segment will aim to help defenders learn tactics and techniques that are effective and try to answer some of the following questions:

  1. How do you prioritize your defensive efforts?
  2. How do you best detect attacks?
  3. How do you best protect against attacks?
  4. We always say "patch your stuff" but how often should you patch? Which systems should you patch?
  5. What techniques work best to defend against email phishing?
  6. How do you provide a "good enough" level of security for your Active Directory?
  7. What are the fundamentals of defense? How do they differ per environment and organization?
  8. How do you get management to buy in to your security plans and spending?

Guests

  • Trent Lo
    is the Cyber Security Principal at MMC.
  • Ron Gula
    is the President at Gula Tech Adventures.
  • Bill Swearingen
    is the Cyber Strategist at IronNet.
  • Jim Nitterauer
    is the Senior Security Engineer at Zix, AppRiver.
  • Jason Nester
    is a CISO at a company in the financial sector.
  • Michael Gough
    is the Malware Archaeologist at the NCC Group.
  • Chris Kubecka
    is the CEO at Hypasec.

    Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Lee Neely
    is a Sr. Cyber Analyst at LLNL, SANS Analyst, SANS NewsBites Editor
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Tyler Robinson
    Managing Director of Network Operations at Nisos, Inc.
  • April Wright
    is a Preventative Security Specialist at ArchitectSecurity.org.

    Resources




    Segment 2: The State of Penetration Testing

    Introduction

    Welcome to the state of penetration testing round table discussion. A quick reminder for our audience to join our mailing list and receive notifications about upcoming webcasts, virtual training, and events where Security Weekly will be distributing awesome swag. Visit securityweekly.com/subscribe to join today!

    Description

    Penetration testing has evolved quite a bit in the past year. As defenses shift, and in some cases get much better, attack techniques and landscapes have changed as well.

    • What has changed in the past year with regards to penetration testing?
    • What is adversary simulation? What are the benefits? Is the offering and consumption of this service an indication that organizations are getting better at building effective security programs?
    • How has the increased popularity of breach and attack simulation tools impacted penetration testing?
    • Has the MITRE ATT&CK framework impacted penetration testing? If so, how?
    • Many advanced penetration testers seem to be keeping their tools private so as to avoid detection by endpoint security products. Is this happening, and if so, what is the impact? Should we share more? Less?
    • With so many tools available today for penetration testing, what can blue teams and internal red teams do to prep for an external penetration test?
    • Will the attack surface begin to shift as email phishing defenses get better? Or, will all organizations still have exposures due to email phishing and users trusting an email/link/attachment?

    Guests

  • Dave Kennedy
    is the Founder/CEO of TrustedSec and Binary Defense.
  • Christopher Hadnagy
    is the Chief Human Hacker of Social-Engineer, LLC.

    Hosts

  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Tyler Robinson
    Managing Director of Network Operations at Nisos, Inc.
  • Patrick Laverty
    is a Pentester for Rapid7
  • Jason Wood
    Threat hunter at CrowdStrike, penetration tester, sysadmin, and Founder of Paladin Security.

    Resources




    Segment 3: Holiday Hack Challenge

    Introduction

    It's that time of year, yes, the holidays. While you may be busy shopping, attending holiday parties and searching for your ugly Christmas sweater, one thing is for sure: Ed Skoudis always has a great gift for everyone in the community: The Counterhack Holiday Hack Challenge. It's the gift that keeps on giving, as does our special guest for this segment, none other than Ed Skoudis!

    Description

    Each year the team at Counterhack Challenges makes available the Holiday Hack Challenge. Led by Ed Skoudis, and created by some of the most talented security professionals in the industry, it is not to be missed. Tune in to hear the details, or at least some information, about this year's Holiday Hack Challenge!

    Guests

    Ed Skoudis is the founder of Counter Hack, an innovative organization that designs, builds, and operates popular infosec challenges and simulations including CyberCity, NetWars, Cyber Quests, and Cyber Foundations. As director of the CyberCity project, Ed oversees the development of missions which help train cyber warriors in how to defend the kinetic assets of a physical, miniaturized city. Ed's expertise includes hacker attacks and defenses, incident response, and malware analysis, with over fifteen years of experience in information security. Ed authored and regularly teaches the SANS courses on network penetration testing (Security 560) and incident response (Security 504), helping over three thousand information security professionals each year improve their skills and abilities to defend their networks. He has performed numerous security assessments; conducted exhaustive anti-virus, anti-spyware, Virtual Machine, and IPS research; and responded to computer attacks for clients in government, military, financial, high technology, healthcare, and other industries. Previously, Ed served as a security consultant with InGuardians, International Network Services (INS), Global Integrity, Predictive Systems, SAIC, and Bell Communications Research (Bellcore).


    Hosts

  • Jeff Man
    Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist, Tribe of Hackers, & InfoSec Curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.
  • Larry Pesce
    Senior Managing Consultant and Director of Research at InGuardians, SANS Instructor.
  • Doug White
    Cybersecurity professor, President of Secure Technology, and Security Weekly network host.
  • Joff Thyer
    SANS Instructor, penetration tester, and Security Researcher at Black Hills Information Security.
  • Matt Alderman
    CEO at Security Weekly, Strategic Advisor, and Wizard of Entrepreneurship
  • Paul Asadoorian
    Embedded device security researcher, security podcaster, and CEO of Active Countermeasures.

    Resources
