#DetectionAndResponse

Marco Ciappelli🎙️✨

As you know — well, now you do 😬 — Marco Ciappelli and Sean Martin, CISSP, are now hosting webinars on ITSPmagazine!

Yes, webinars are everywhere — but these are different:
ITSPmagazine #Webinars are More Than Just a Presentation.
They’re Real Conversations That Matter.

🎙️ Join us live on May 8 (or catch it On Demand) for an incredible conversation with Fred Wilmot.

You already know it’s going to be an awesome one — don’t miss it! ✨

Rethink, Don’t Just Optimize: A New Philosophy For Intelligent Detection And Response — An ITSPmagazine Webinar With Detecteam

Traditional detection and response is overdue for a rethink. This webinar explores the limits of optimization, the danger of misleading metrics, and a new approach focused on adaptability, behavior-driven signals, and speed. See how Detecteam’s REFLEX Platform helps teams turn weak signals into fast, actionable detections—before attackers have time to move.

REGISTER: https://www.crowdcast.io/c/rethink-dont-just-optimize-a-new-philosophy-for-intelligent-detection-and-response-an-itspmagazine-webinar-with-detecteam-314ca046e634

#cybersecurity, #detectionandresponse, #threatdetection, #incidentresponse, #securityoperations, #infosec, #cyberdefense, #securitystrategy, #threatintel, #detecteam #infosecurity

signalblur 📡🛸

I recently wrote an article on #Linux #Ransomware - I was surprised to see that more often than not, variants that have a “Linux” version are really targeting the hypervisor and encrypting the virtual memory.

It’s an important distinction as your #EDR / #Logging will not see a binary execute on the host VMs - you’ll want to ensure your #Hypervisor #Logs are being sent to your #SIEM

https://www.signalblur.io/through-the-looking-glass

#FOSS #Unix #Virtualization #Cloud #RHEL #OpenSource #OpenSuse #CTI #Malware #InfoSec #CyberSecurity #Intel #DetectionandResponse #DetectionEngineering

(Re-posting as killing off all of the JavaScript on my site accidentally messed up the metadata when I share links 🙃 all fixed now)

Noah McDonald

For those using GCP, do you have adequate coverage with your security detection rules? If not, here is a great resource that a teammate recently shared with me: https://github.com/GoogleCloudPlatform/security-analytics. This covers SQL, for both BigQuery and Log Analytics, and Yara rules. #gcp #cloud #DetectionAndResponse #incidentresponse #threathunting

woFF

Here comes my late #introduction... My first interaction with #appsec was thanks to an integer overflow in Railroad Tycoon (the one from the 90s) allowing me as a kid to buy an infinite amount of buildings...

Then a few years later Softice came and I got absolutely amazed with all the things that are possible with a computer. Spent my evenings dialing into the internet and reading hacker forums...

Fast forward a few years after building awful PHP apps next to university I ended up being a #pentester / security consultant at a Big4. I really loved the pace and challenges but after some time felt that I'm missing to have some type of positive impact so switched sides.

I spent the past almost 10 years at Prezi as a security engineer / engineering manager / something something / ... with a bit of back and forth between roles. I love working both with people (definitely felt more positive impact) and getting my hands dirty around anything security related be it #cloudsecurity #appsec #infrastructuresecurity or #DetectionAndResponse ... I still love to break stuff as I believe sometimes that's necessary before being able to rebuild it better.

Since my son was born my priorities shifted finally and I am focusing more efficiently on simply being a happy, decent human being instead of worrying about something all the time :) or at least that's what I like to think.

I wasn't too active on Twitter in the past years but looking at infosec.exchange brought up some good memories. Thanks @jerry (https://infosec.exchange/@jerry) for all the care that went and goes into it.