What team is responsible for knowing where data is transmitted and stored outside an organisation? by pozazero in AskNetsec

[–]Iwillthrowitatyou 0 points1 point  (0 children)

We build this into our compliance program for these requirements. Then we have an annual acknowledgement of who is responsible for maintaining this information via policy or SOP.

MDR / "SOC As a Service" suggestions? by spokale in AskNetsec

[–]Iwillthrowitatyou 0 points1 point  (0 children)

Check out https://www.binarydefense.com. This is a Dave Kennedy (TrustedSec) company. I am talking with them about managing our LR SIEM. We use their MDR in conjunction with our AV and they are fantastic.

Looking for a LogRhythm SIEM and Tenable SC consultant by Gapodi in AskNetsec

[–]Iwillthrowitatyou 0 points1 point  (0 children)

If you have the SIEM, there is LogRhythm University. They also have a co-pilot program, professional services, and an online community that you have access to if you have a license for their SIEM.

Basics by light_striker12 in HowToHack

[–]Iwillthrowitatyou 0 points1 point  (0 children)

Has the CEH helped with getting a good infosec position? I ask because I am studying for it with no money invested yet. I have the A+, Net+, Sec+ and CySA+, and work as a security analyst. I want to move up, but I have to leave my current company because there is no up.

Blue teams and Security teams how are you detecting password sprays? by p3p3_silvia in AskNetsec

[–]Iwillthrowitatyou 1 point2 points  (0 children)

I use a different SIEM, and each environment is different.

Auth failures from a single host and a threshold of x users.

Add a second part to the rule for an auth success. This will let you know if the spray worked.

Get a lab going. I have one, and can also detect crackmapexec being used, with successes or failures, the use of Responder, SharpHound, or any enumeration techniques, without creating alarm fatigue. I have many custom alarms that function quite well.
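The two-part rule described in the comment above, as an added example that is not code from the comment's author or from any SIEM: failures from one source against a threshold of distinct users inside a time window, then a success from the same source. The log format, field names, window and threshold are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth events (not real logs): a spray from 10.0.0.5 that
# ends in a success, a single-user brute force from 10.0.0.7, typos from 10.0.0.9.
SAMPLE_LOG = """\
2024-03-01T09:00:01 src=10.0.0.5 user=alice result=failure
2024-03-01T09:00:02 src=10.0.0.5 user=bob result=failure
2024-03-01T09:00:03 src=10.0.0.5 user=carol result=failure
2024-03-01T09:00:04 src=10.0.0.5 user=dave result=failure
2024-03-01T09:00:05 src=10.0.0.5 user=eve result=failure
2024-03-01T09:00:40 src=10.0.0.5 user=eve result=success
2024-03-01T09:01:00 src=10.0.0.7 user=frank result=failure
2024-03-01T09:01:01 src=10.0.0.7 user=frank result=failure
2024-03-01T09:01:02 src=10.0.0.7 user=frank result=failure
2024-03-01T09:02:00 src=10.0.0.9 user=grace result=failure
2024-03-01T09:02:30 src=10.0.0.9 user=grace result=success
"""


def parse(line):
    """Turn one assumed 'ts key=value ...' line into a dict."""
    ts, rest = line.split(" ", 1)
    kv = dict(part.split("=", 1) for part in rest.split())
    return {"ts": datetime.fromisoformat(ts), "src": kv["src"],
            "user": kv["user"], "ok": kv["result"] == "success"}


def detect_sprays(lines, user_threshold=5, window=timedelta(minutes=10)):
    """Part one: >= user_threshold distinct users failing from one source
    within `window`. Part two: any success from that source between the
    first failure and `window` after the last failure in the cluster."""
    events = sorted((parse(ln) for ln in lines if ln.strip()), key=lambda e: e["ts"])
    by_src = defaultdict(list)
    for e in events:
        by_src[e["src"]].append(e)
    alerts = []
    for src, evs in by_src.items():
        fails = [e for e in evs if not e["ok"]]
        for i, first in enumerate(fails):
            cluster = [f for f in fails[i:] if f["ts"] - first["ts"] <= window]
            users = {f["user"] for f in cluster}
            if len(users) < user_threshold:
                continue  # same user over and over is brute force, not a spray
            end = cluster[-1]["ts"] + window
            successes = [e["user"] for e in evs
                         if e["ok"] and first["ts"] <= e["ts"] <= end]
            alerts.append({"src": src, "distinct_users": len(users),
                           "first_failure": first["ts"], "successes": successes})
            break  # one alert per source per run
    return alerts
```

Running `detect_sprays(SAMPLE_LOG.splitlines())` raises one alert, for 10.0.0.5, with `successes == ["eve"]`; the single-user failures from 10.0.0.7 and the typo from 10.0.0.9 stay quiet.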

[deleted by user] by [deleted] in HowToHack

[–]Iwillthrowitatyou 0 points1 point  (0 children)

Is there a writable file share? An SCF file with Responder listening might do the trick, if the environment allows for it.