Bartek Jerzman

@secman_pl

Hunting ghosts in wires and boxes

Joined: February 2015

Tweets

  1. Pinned tweet
    23 Nov 2019

    Keep calm - there is a new sheriff in town

  2. Retweeted
    1 Feb

    Finally! registration is now open and the agenda is announced. Check the agenda: Our speakers: Register here: Early Bird only until Feb 16. The number of tickets is limited, so don't wait!

  3. Retweeted
    28 Jan

    1. Windows Defender 2. EDR 3. Automated defanging of documents 4. Disabling macros, OLE, DDE, etc. 5. Disabling Windows Script Hosting 6. Private VLANs 7. Application whitelisting 8. Users not being local admins 9. 2FA on everything 10. Up-to-date patching

  4. Retweeted
    2 Jan 2019
  5. Retweeted
    30 Dec 2019
  6. Retweeted
    29 Dec 2019

    OSCD: Threat Detection Sprint #1 Summary has been published. Thanks to all the participants and those who helped with it! Merry Christmas and Happy New Year!

  7. 24 Dec 2019

    That whole OST discussion went in the wrong direction: instead of becoming a purpleteam playground, it showed that divisions are even bigger and views polarized. Thx for your post. I couldn't have expressed this view on the OST discussion better.

  8. 15 Dec 2019

    Thanks for the baseball card! It reminds me of the childhood when I collected NBA cards - it even smells the same ;) btw. Your and presentation about that group was awesome. You must have great fun tracking them.

  9. Retweeted
    9 Dec 2019

    ⚙️Account Logon Flow / Process () v0.1 📕[PDF]: 🔗[DIRECT]: ...for self understanding logon flow / process in windows system. Special thanks to Andrei Miroshnikov💪 "Find Evil – Know Normal"

  10. 8 Dec 2019
  11. Retweeted
    6 Dec 2019

    Building a Taxonomy So, in threat intelligence, incident response, forensics, and REM, an analyst typically deals with a lot of data points. Organizing or 'bucketing' these data points into a manner coherent and usable to the analyst is an important step.

  12. Retweeted

    The Chief Executive of Fishmonger's Hall pays tribute to the bravery his staff showed during the London Bridge attack.

  13. Retweeted
    24 Nov 2019

    Amid discussions of theoretical attack and defense scenarios, SOC analysts are putting in the hard work of preventing and extinguishing actual attacks. If there are heroes in infosec, those in the SOC are among those ranks. Thank you for what you do! 🙇‍♂️

  14. 24 Nov 2019

    ...to help Blueteams prepare testing coverage scenarios. Different tests, different aims - both valuable for

  15. 24 Nov 2019

    Usually, those first types of coverage tests are implemented by blueteams themselves using automatic redteam frameworks. However, some parts of the tests are difficult to implement, e.g. covering Lateral Movement. It would be convenient if redteams could also have such an offer (3/n)

  16. 24 Nov 2019

    Such sparrings typically verify my ability to detect / respond to threats that span across the full kill chain, e.g. across most of the ATT&CK Tactics. Those tests can measure my Time to Detect / Response, Effectiveness of the Response. Both tests have value for Blueteam (2/n)

  17. 24 Nov 2019

    As a blueteamer, I understand both views of redteam tests. I would like to have coverage unit tests for various Procedures from 1 Technique mentioned by Florian. However, I would also like to have typical redteam sparrings described by Mark (1/n)

  18. Retweeted
    21 Nov 2019

    Updated version of mindmap to help in understanding better one of the recent campaigns in Italy. Update based on Full map in high resolution (PNG and PDF):

  19. 20 Nov 2019

    At my previous team we analysed and assessed the kill chain of failed intrusions to prepare adversary scenarios. Those tests helped to verify in case one bastion failed in the defense chain.

  20. 19 Nov 2019

    My presentation from on "Hunting beacons". It was unexpected to turn from participant to speaker in a few days when the main agenda speaker could not come to Gdynia. Thanks and for invitation. This year I am sending CFP legally ;)
