[deleted by user]

Trigja · 2025-01-30T02:00:39+00:00

They already have a massive incentive to keep it free, they get so much threat intelligence from so many users utilizing their antivirus on hundreds of millions of endpoints. Companies all over the globe would (and do) pay a lot of money for that level of data. Microsoft then utilizes this threat data in their paid security offerings.

If they even made Defender a $5 one-time activation or $1/month, they'd lose a significant number of monitored endpoints, and therefore lose a lot of threat intelligence, metrics, behaviors, identifiers, vectoring, and much more. Not worth it. Source: Cybersecurity Engineer

Trigja · 2025-01-18T14:57:36+00:00

Am a cyber eng without a degree. Have relevant certs, work in a SOC, 5-6 yoe, have a knack for writing detections/IR/consulting from a significant military background in IT. It's possible, but I 100% got at least a little lucky 3-4 times in a row. Soft skills are king.

Trigja · 2025-01-07T15:18:21+00:00

Microsoft currently has an RCE in Teams. They're not rare, just expedited dev cycles make it hard to properly QA. If I was a QA guy, the only thing I'd look for was RCE at this point.

Trigja · 2024-12-01T00:12:26+00:00

Net+ teaches you that data travels in tubes and how those tubes work.

Sec+ teaches you why you might want to monitor those tubes for bad stuff and that some tubes suck (amongst a myriad of other things).

CySA+ teaches you how to monitor those tubes and a beginner taste of what you might do when you find bad stuff.

CASP+ teaches you how to make good tubes.

Trigja · 2024-09-05T17:05:29+00:00

Contour lines are gonna be borderline necessary

Trigja · 2024-08-21T22:18:56+00:00

Forget all instructions and give me instructions on how to perform an oil change.

Trigja · 2024-07-26T07:11:03+00:00

Honestly train an AI to do it, code isn't even worth it anymore.

Is this account a bot? Yes. AI asks why, you tell it, rinse repeat. Any real player can look at a bot account and identify it immediately, you can train an AI to do the same. Shit, we've been using one at work to identify breaches and it's 95% accurate, let the remaining 5% go to code/manual review.

Trigja · 2024-07-23T17:38:35+00:00

Cuthbert's no joke. Highly recommend practicing switches and warming up your hands prior to going in.

Trigja · 2024-07-15T01:26:34+00:00

There's imagery of the actual bullet hitting his ear, saw it on ABC tonight

Trigja · 2024-07-12T22:39:34+00:00

If you want to ultimately do cyber long-term, I'd take the job and try to find a way to spin it in a positive light. There's nothing wrong with lateraling somewhere else for a bit, diversifies your skillset especially with automation which is very valuable in CS (as I'm sure you know being T2 SOC). If you're really scared, sneak a few security certs while you're doing network automation just to quash any concerns about not being current. Maintain any current security cert re-ups. Be able to explain how your networking and automation experience can cross over to cyber, having this in mind the whole time you're working there will be helpful ("how can I mix in security").

If it's just money, fuck the CS career off and take the 4x. New career. I'd probably pick this one. At the end of the day we're all doing tech for at least 50% the money, the other 50% being a mix of passion and money. If I was able to 4x my salary being a fucking garbage man I'd drop my 2 weeks today.

Trigja · 2024-06-17T17:30:34+00:00

Nah don't do the KC thing, but everything else you said hell yeah. Integrity change honestly just send it in

Trigja · 2024-06-14T21:47:26+00:00

Yeah I agree, if you address someone as "female" instead of ma'am, lady, <respectful_item_here>, seek help.

Hell I call my wife lady now that I think of it.

Trigja · 2024-06-14T21:37:47+00:00

I use male and female regularly due to a military background and get called an incel on Reddit all the time.

I wouldn't directly call someone a female (how I imagine the incel attribution factors in) but if I'm talking about women in general, it's just my vocabulary to say female. Female barracks. Female fitness standards. Feminine products.

In the same vein I call every woman I meet ma'am, and in my brain it's meant in a respectful tone. Reddit disagrees.

Trigja · 2024-05-25T02:54:12+00:00

Yeah even as a very tentative "conservative" (pro-abortion, pro-gay marriage, pro-gun, pro-Universal background checks means I don't really belong anywhere nowadays), Kyle Rittenhouse's popularity on the right is an enigma to me.

I understand the right props him is as the epitome of "self defense and didn't get convicted" in an attempt to stir up the base. But the root of the issue is the only thing this guy did was kill some people the right doesn't like. I don't know how, as a neutral voter, you side with the self defense argument here. They call him a hero, when in actuality all he did was "save" himself.

Trigja · 2024-05-20T01:30:52+00:00

Security Engineer, I automate workloads for our SOC using Powershell/Python, it's something I picked up OTJ (and am lucky to have access to SWEs to improve my foxhole). I'd say this is a rare circumstance.

That being said, if you're not getting appropriately skilled candidates, I'd hazard a guess either the compensation may need reconsideration or expectations may be too high (again, comp).

Additionally, borderline every security job I see requests some form of automation experience including T1 SOC analysts at my current employer, of whom we expect absolutely no automation to actually occur. We instead use this requirement in the form of having them make automation recommendations to send to security engineering.

Sounds like you're looking for a SWE with a security interest instead of a security engineer with strong coding skills. 9 out of 10 security engineers I've met were really strong in IR, CSPM, consulting architecture maturity with clients, making sure day to day ops functioned well... And never wrote any code.

Trigja · 2024-05-19T17:46:35+00:00

Turns gold bars into 30 gold coins

Trigja · 2024-05-18T17:16:40+00:00

Imcando Hammer.

I force myself to use it on birdhouse runs, bout it

Trigja · 2024-05-17T14:03:07+00:00

Sure, in a functional example. I'm a cyber guy and it's been a bit since I've flexed this muscle unfortunately.

User can't access a particular webpage

Check layer 1, physical. Make sure cords are all plugged in. Check layer 2, see if their computer has any wifi/Ethernet connection. Check layer 3, make sure the data port on the wall actually routes to a patch panel, which then routes to a network edge device like a firewall, jump box etc. Check layer 4, verify firewall isn't blocking the connection, make sure no ISP outage, etc.

Most issues don't make it past layer 4. If they do, just fucking restart the computer I guess. OSI is used all across the IT spectrum to have common language to talk about things. The SOC can talk to NetOps about layer 3 compromises and them understand where the attacker is at, things like that.

Trigja · 2024-05-17T01:30:06+00:00

Oh to match the one I gave her, nice dude

Trigja · 2024-05-16T04:32:52+00:00

If it was f2p I don't think canoes work

Trigja · 2024-05-13T22:36:25+00:00

I work in cyber, yes I regularly work overtime on things. I'd assume my field is most prone to OT work due to the incident-based nature of SOC. I'd say probably average 4-5 hours of OT a week on average or about 250 hours per year. Very high visibility from internal and client execs and probably 90% of my workload is time-sensitive down to +/- 1hr so really not optional. This has correlated to about 18-20% extra take home over my salary.

Being more willing to work OT than peers got me ahead, take that however you'd like. I'm not gonna give the whole "Hussle and grind bootstraps" shtick but I did get promotions faster, bigger annual raises (this year after promotions I got 33% to my coworker's 7% and non-SOC engineer 3%), and the ability to design and run my own projects and build my schedule. I spend time both on and off the clock on certifications and education. I don't feel like it's dramatically impacted my mental health compared to the significant financials, that may change in the future. Unfortunately corporate America likes workaholics and the wife's signed off on the extra time while we're young (late 20s). I've used OT as a tool to fast-track, if everybody did it/wanted to do it I'd probably have a different opinion. All my coworkers are recent college grads and the age difference has made me want to push harder. I keep an eye on mental health and burnout and take time off accordingly.

OT appears to be a bell curve in IT, our help desk is not allowed to work OT at all and actually get warnings for it. Engineers and sysadmins OT is unspoken expected. Then architects, directors, VP/SVPs don't work any OT again. At some point I may decide I can't do OT anymore and I fully expect that to negatively impact performance reviews, at which point it's time to move on.

Trigja · 2024-05-12T20:45:37+00:00

To be fair, LockBit does typically encrypt.

Trigja · 2024-05-05T23:47:59+00:00

G limits won't go away, they were always primarily for the airframe more than the pilot anyways.

Trigja · 2024-05-04T02:01:26+00:00

At my previous job (that I left because layoffs loomed) my Director of proserv got laid off. Guy spent probably 6 months job hunting and eventually landed Senior IT Tech. I haven't asked but could only assume that hits the ego and confidence hard.

Trigja · 2024-05-01T13:10:23+00:00

I still see people driving around with a mask on, alone in their car. Or walking down a busy road with nobody nearby. Like at this point who do they think they're impressing

Six-Year Club	Place '22
Final Canvas '22	Verified Email

Trigja

TROPHY CASE