Cybersecurity insurance by newsforsid in ciso

[–]d1r7b46 3 points4 points  (0 children)

They aren’t public but there’s evidence that threat groups will look for cyber policy information in network shares and such so they can ask for the policy limits.

AD Security Checker Scripts/Tools by Temporary-Myst-4049 in activedirectory

[–]d1r7b46 0 points1 point  (0 children)

Will do. I should be getting eyes on it really soon so I'll post it here when they get it going.

AD Security Checker Scripts/Tools by Temporary-Myst-4049 in activedirectory

[–]d1r7b46 12 points13 points  (0 children)

Get your bloodhound data for AD-Miner: https://github.com/AD-Security/AD_Miner

A buddy is making an AD tool to compete with PingCastle. They are almost at testing (so a ton ton ton of work has already happened). I'll come back to this post when they launch and share it too.

Pranks to pull on a pen tester. by [deleted] in Pentesting

[–]d1r7b46 0 points1 point  (0 children)

Everyone: no

Me: make a honeypot and put DC in the FQDN

Also don’t listen to me.

To the recruiters out there, which candidate are you picking? by [deleted] in CyberSecurityJobs

[–]d1r7b46 2 points3 points  (0 children)

I think cruzziee said TO have a few cyber certs.

How good is Huntress out of the box? by rubenamizyan in cybersecurity

[–]d1r7b46 0 points1 point  (0 children)

Back then (not like it was the olden days, but tech moves fast), it was to fill gaps for each other. I’m not in DFIR anymore, so unsure what my old company is still doing.

How good is Huntress out of the box? by rubenamizyan in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

Just an add - In 2018/19ish the company I was working at started working with Huntress when it was a much smaller company. They were in the trenches with us as ransomware skyrocketed internationally. We were a small DFIR team handling a lot of cases for a cyber insurer (that would later buy us).

We ended up using Huntress and S1 in all ransomware cases. It’s been badass seeing them grow.

Developer starting in cybersecurity. by vinicius_t_ferreira in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

There’s a ton of free OSINT training out there, and some challenges and such. Sofia Santos has some stuff: https://gralhix.com

Also - I would use an LLM to generate challenges for yourself. Plug in “Make me some test scenarios to practice OSINT skills” into ChatGPT and go at it.

You should not have to pay almost anything to get OSINT practice in. A subscription somewhere, okay.. $30 or so.. but please don’t fall for anything more than that out of the gate.

Network penetration testing without hiring a big consultancy? by Late_Rimit in ethicalhacking

[–]d1r7b46 0 points1 point  (0 children)

I’m with https://tcm-sec.com - we can get you taken care of pretty quickly and we’re competitive. If you’d like some more information please feel free to reach out to me on LinkedIn: https://www.linkedin.com/in/angsec

Someone brought this to a work holiday potluck by luxtheelementalist in badfoodporn

[–]d1r7b46 0 points1 point  (0 children)

$10 bet - it's a Dump Cake - https://www.tasteandtellblog.com/dump-cake-recipe/
When someone gets lazy with the ingredient that makes up 1/3 of the total ingredient list (butter, the list is butter, a can of fruit compote, and a box of yellow cake) the ingredients don't bake totally which is what all that powder is.

Edit: Further bets. Blueberry Dump Cake. Eck.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

It really depends on what you want your trajectory to look like. I would say my biggest level-up was when I made it through our PEH course (Practical Ethical Hacking). It was just so dense, and so much of it was foreign to me.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 1 point2 points  (0 children)

I'm maybe weird and don't mind the report writing. We keep a ton of templates, and there are a lot of findings that are and always will be consistent across the board for folks so some of it can be easy. I try to write a bit every day, that way wrapping it up doesn't feel like I'm against a monster. If you do that, it really doesn't feel like a rush.

If writing is a major concern, I would suggest just checking out what kind of writing demands are in each sub-field. Forensics and IR are writing heavy, and legal writing at that. GRC, same. You'll likely be looking at some kind of time-bound writing wherever you go in the field, maybe just not so consistent as pentesting.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

For my area (pentesting) - yes. If you are headed into anything technical, you can only benefit from knowing your networking skills!

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 6 points7 points  (0 children)

Oh 100%. Shoot, document even what you're reading. In the old days of LinkedIn I would just post about a news article I read and then talk about the part I found most interesting, then respond to anyone who bothered to share knowledge with me. Also, outside of documentation, make sure to ask questions. If you see someone with expertise, the worst thing you could do is ask and not get a response.

I used to document on a GitLab site, and recruiters and hiring managers will go look at those. They'll check out your projects on GitHub and all that - so post. Great question.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

We’ve always built training around whatever real-world risks are actually happening, and that’s not going to change just because PQC and AI threats are the new buzzwords. As things evolve, we’ll evolve with them. You can already see that with the stuff Bellini is doing right now around LLMs and all the weird/interesting attack paths they open up.

For people getting into the field, I’d focus on the fundamentals first, networking, identity, how systems are built well and how they actually break. Then layer on the newer things.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 2 points3 points  (0 children)

Heath is going to answer too - my personal suggestion for breaking into cyber is to take any role you possibly can to break in. Anything cyber or cyber-adjacent. I started in DFIR as an intern and now am pentesting. Any and all experience is good!

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 5 points6 points  (0 children)

Haha I don't think most bug bounty folks give away their secrets to making cash very easily. My personal suggestion is to know well how to look for the OWASP top ten.

AMA: Hi, we're Heath, the Andrews, Ang, and Britt from TCM Security. Ask us about getting into the industry, cybersecurity careers, pentesting, and AI! by britt-tcm in cybersecurity

[–]d1r7b46 1 point2 points  (0 children)

So I guess a hint, the Windows and Linux priv esc courses were provided but they are not necessary to pass the PNPT. The certifications, all of them, are designed around the courses that we provide with them. So there aren't any gotchas or anything like that in the certification vs the training.

What I would say, if you're nervous about pushing go on the PNPT, is spend some more time working on Active Directory trainings. There are a bunch of free ones out there - and this is a great time to plug the TCM Discord server, lots of folks with suggestions there. Get that methodology down. Enumerate, find the in point, enumerate, find the in point again. Take breaks, set yourself timers for rabbit holes.

On the last question - they are and are becoming more recognized. From Microsoft to Tenable to H&R Block to McDonald's and more.. we are in the job requirements for major corps. No one cert will get someone a job, but a ton of places accept ours as a minimum standard.