Informational

Author, Derek Banks, Fun & Games, Informational disaster preparedness, emergency, hurricane, hurricane florence, what to pack for a hurricane

Digital Bug Out Bag: A Nerd and His Family Running From a Hurricane

Derek Banks// I live in an area that was initially projected to be hit by Hurricane Florence. Four days prior to the storm making landfall the governor of my state […]

Read the entire post here

Informational

Do You Know What Devices Are on Your Network?

Bryan Strand// I have recently started taking SEC566 with James Tarala via SANS on the CSC 20 Critical Controls and decided it would be a great blog series to do […]

Read the entire post here

Author, Brian King, How-To, Informational, InfoSec 101 FAQ, general infosec, General Questions, getting started, mentor, new to infosec

How to Find an InfoSec Mentor

BB King // We got an email from a fan today asking how best to find a mentor in information security. Maybe you’re looking for a mentor too. It’s a […]

Read the entire post here

Author, Informational, Mike Felch, Red Team, Red Team Tools Active Directory, Azure, reconnaissance, Red Team

Red Teaming Microsoft: Part 1 – Active Directory Leaks via Azure

Mike Felch // With so many Microsoft technologies, services, integrations, applications, and configurations it can create a great deal of difficulty just to manage everything. Now imagine trying to secure […]

Read the entire post here

How-To, Informational, Red Team pentest report, Pentesting, reports

DOs and DON’Ts of Pentest Report Writing

Melisa Wachs// The first day of school has started for your school-age kiddos. What better time to run through some of our basic reporting guidelines with y’all? Here is a […]

Read the entire post here

Blue Team, Finding, General InfoSec Tips & Tricks, How-To, Informational after the pen test, how to deal with you penetration test results, What to do after a penetration test, what to do after a pentest

What to Expect After a Pen Test

Scott Worden* // So you and your company had a pen test…now what? What to do, how to plan, and good SQUIRREL! ways to stay on track.   The 3 […]

Read the entire post here

Author, CJ Cox, Informational, InfoSec 101, Podcasts Policy, Security Policy, Why Security Policy Matters

PODCAST: Security Policy: Fact Fiction or Implement the Marquis de Management

CJ Cox talks about the highs, lows, hows and why’s of security policy. // Show Notes Why are we doing this? Do you hate your audience? GDPR was bad enough. […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Informational, Web App CORS, Cross Origin Request Sharing, Web App

CORS Lite

Dakota Nelson// Cross Origin Request Sharing (CORS) is complicated, and that complexity creates a lot of places where security vulnerabilities can sneak in. This article will give you a “lite” […]

Read the entire post here

Author, External/Internal, How-To, Informational, InfoSec 201, Kent Ickler, Password Cracking, Wireless Cheat Sheet, Cracking, dictionary, Hashcat, Hashing, Jordan Drysdale, Password cracking

Hashcat 4.10 Cheat Sheet v 1.2018.1

Kent Ickler // It seemed like we were always cross-referencing the Hashcat Wiki or help file when working with Hashcat. We needed things like specific flags, hash examples, or command […]

Read the entire post here