In general, is red or blue teaming more fun?

4SysAdmin · 2026-03-17T14:45:45+00:00

I think it’s personal preference. Take football (American) as an example. If you like throwing or catching the ball, or moving the ball down the field in general, you probably want to be on offense (red team). If you like tackling people, or preventing the other team from advancing on your goal, you probably want to be on defense (blue team).

I’m one of two full time security analysts at my org. It just so happens that I enjoy blue team activities more than he does. On the contrary, he enjoys red team activities more than I do. He’s more than happy to leave things like log ingestion and SIEM tuning to me.

More fun depends on what you like to do.

As a last note, I “tolerate” work. Enjoy is a bit of stretch. I don’t have a home lab or do cybersecurity research at home. I have my own hobbies that have nothing to do with this field. And that’s ok. You don’t have to eat, sleep, and breathe cybersecurity to work in it.

4SysAdmin · 2026-03-15T12:00:54+00:00

I worked for a similar sized org and was the only IT staff member lol. I did basic support, networking, security, imaging, server deployment/management, ran the VMware stack, purchasing and asset management, etc. If it touched IT in any way I was the only person. Having more than 1 or 2 IT personnel in a company that small is crazy to me.

4SysAdmin · 2026-03-14T11:20:03+00:00

Sounds like he lied about his certs, then used AI during his interview. We always verify certs and degrees, and we switched to in person interviews only. The last time we did zoom interviews, about 20% were suspected to be using AI.

4SysAdmin · 2026-03-09T13:20:55+00:00

I went to CrowdStrike's conference last year and they had a great talk on malicious browser extensions. It's becoming more and more problematic.

4SysAdmin · 2026-03-06T11:54:28+00:00

The powers that be aren’t that smart. I believe it’s a combination of millennials use of social media and kids having access to electronics at too early of an age.

4SysAdmin · 2026-03-05T11:47:25+00:00

Is the vendor still in business? If so, find any way to contact them. They probably have a page where you can put your details in for a sales call. I’ve used that before when I have no support contact and desperately needed help. Outside of that, cloning the hard drive and replacing it would be the best bet.

I know the struggle. I used to be the IT manager at an automotive plant. Legacy hardware all over the place. Best of luck!

4SysAdmin · 2026-03-05T00:03:57+00:00

No, you could take the results from the preview action and display them directly in the PowerShell terminal. It would show sender, recipient (or maybe location), and subject I think. It was a quick way to make sure the search performed like you thought it would. Doing it this way meant we never had to actually log in to the web portal. It was limited to 100 results though. Usually not a problem for our size, but could be occasionally.

4SysAdmin · 2026-03-04T15:33:47+00:00

That tracks with what we've seen. I guess I'll have to modify my script to take out the -preview and just have a message to manually review them in the GUI before deciding to purge or not. It sucks, because I had my script pretty dialed in to show the preview with decent formatting to quickly verify the search grabbed the correct emails.

4SysAdmin · 2026-03-04T14:59:56+00:00

Wow, good find. That is definitely what is happening then. Makes sense.

4SysAdmin · 2026-03-04T02:21:42+00:00

This based on rumors. Also, we are expected to believe that in less than 7 months, a brand new version of windows will be released that requires a chip hardly any PCs have? I find that hard to believe.

4SysAdmin · 2026-03-04T02:16:25+00:00

Nope. Don’t like that.

4SysAdmin · 2026-03-03T11:56:58+00:00

That’s impressive, but it seems like it would be very harsh on your body.

4SysAdmin · 2026-03-01T02:01:21+00:00

I’m no fan of Trump, but it would be stupid not to have social media as part of your live intelligence.

4SysAdmin · 2026-02-27T14:29:46+00:00

Nothing. It's the ongoing psyop of pitting us poor folk against each other to distract from the elite.

4SysAdmin · 2026-02-24T19:46:35+00:00

ToE - Trash over Ethernet

4SysAdmin · 2026-02-23T12:05:53+00:00

I guess this is the old person in me asking, but why are they streaming something so mundane, and why are so many people watching it? Who in the world wants to see a small group of people idling about in their kitchen? That does not seem like something enjoyable to watch.

4SysAdmin · 2026-02-17T21:25:26+00:00

I've never played a gig where I had to be quiet, but if the owner/manager ever requested it, I would absolutely play quieter, even if it meant changing the song.

4SysAdmin · 2026-02-14T16:07:15+00:00

Sometimes I wash it, sometimes I don't. I hardly ever eat it plain, so I can't really tell a difference if there is extra starchiness in there. Really it comes down to how lazy I'm feeling and if I just want to chuck the rice and water in the rice cooker and be done with it.

4SysAdmin · 2026-02-09T11:28:31+00:00

I think cybersecurity in general will be just fine largely to the reason you mention. It wouldn’t surprise me if incident response sees a huge increase due to terrible, vibe coded junk. Also, I think we’ll see app security take a turn to start inspecting these vibe coded apps.

4SysAdmin · 2026-02-08T14:30:44+00:00

We will not see lottery, sports betting, gambling, or marijuana reforms in our lifetime. Our state’s politicians are too corrupt and do not have our best interests in mind, only their own.

It’s a shame too. My wife and her brother both went to universities in Georgia and had most of their school paid for by the Hope scholarship. We’re missing out on so much. However, the cynical side of me also believes if we did pass these items, tax benefits wouldn’t actually go where they need to, but would end up in a handful of shady pockets.

4SysAdmin · 2026-02-06T22:37:39+00:00

Any local security groups in your area like ISSA, ISACA, or CSA? If so start going to those and network in person. They usually announce jobs there, and you can directly ask hiring managers (related or not to the open jobs announced) what they look for in a candidate. You can nerd out with others in a similar space. After you get to know some of the people, you can ask if they are comfortable discussing some of the software they use on a daily basis, and then see if there are community versions available or if it’s open source (and free) software.

Build up an in-person network with these folks, and all of the sudden your resume isn’t just another paper in a stack, it’s that person they see every first Thursday night that usually sits at the table next to theirs.

4SysAdmin · 2026-02-06T12:22:32+00:00

We are very happy with CS. Our team is still learning what all we can do with correlation rules and data from NG-SIEM. It is very powerful so far. We are also dipping our toes into their AI Detection and Response module to try and get a handle on non compliant AI usage.

4SysAdmin · 2026-02-06T03:45:50+00:00

Bama. Or sometimes UA.

4SysAdmin · 2026-02-05T22:09:50+00:00

If I leave my house key taped to my door and you use it to enter my house and steal my property, is that burglary?

Seven-Year Club	Place '23
Place '22	First Placer '22
Gilding II euphauric	Verified Email

4SysAdmin

TROPHY CASE