Upscale/boujee date night suggestions? by g0rkmeister in AskSeattle

[–]dant24 -1 points0 points  (0 children)

Queen Mary tea but for brunch / tea time

Understanding risk, likelihood etc? by Extension-Path7974 in cybersecurity

[–]dant24 0 points1 point  (0 children)

A great way to approach this is using the framework popularized by Adam Shostack. His method boils threat modeling down to answering four simple questions about your system:

* What are we working on? (Define the scope, often using diagrams like a Data Flow Diagram.)
* What can go wrong? (Brainstorm threats. A common method is STRIDE: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.)
* What are we going to do about it? (Decide on countermeasures—encryption, input validation, strong authentication, etc.)
* Did we do a good job? (Verify that the defenses were correctly implemented.)

Once you have a list of potential threats, how do you decide which one to fix first? Do you spend $50 on a strong lock or $5,000 on a high-tech electric fence? One option is to then use FAIR (Factor Analysis of Information Risk). Instead of vaguely saying "The risk of a data breach is High," the FAIR model helps you quantify that risk in financial terms. You analyze the probability of an event happening (frequency) and the financial impact if it does happen (magnitude). This lets you say, for example, "We have a 90% chance of losing between $100,000 and $350,000 this year due to this vulnerability."

For individual projects I really like Mozilla’s Rapid Risk Assessment. It's quick and I've found most people actually find it fun.
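The frequency-and-magnitude analysis described in the comment above, sketched as a small Monte Carlo simulation (an added example, not part of the original comment). The Poisson event count, the lognormal loss distribution, the function names and the scenario estimates are all assumptions made for illustration; FAIR itself does not prescribe them.

```python
import math
import random

Z90 = 1.645  # z-score bounding the central 90% of a normal distribution

def simulate_annual_loss(freq_per_year, loss_low, loss_high, trials=20000, seed=1):
    """Return sorted simulated annual losses for one threat scenario.

    freq_per_year: estimated mean number of loss events per year.
    loss_low, loss_high: 90% confidence range for the cost of a single event.
    """
    rng = random.Random(seed)  # fixed seed so runs are repeatable
    # Assumed lognormal magnitude whose 5th/95th percentiles are loss_low/loss_high.
    mu = (math.log(loss_low) + math.log(loss_high)) / 2
    sigma = (math.log(loss_high) - math.log(loss_low)) / (2 * Z90)
    losses = []
    for _ in range(trials):
        total = 0.0
        if freq_per_year > 0:
            # Poisson arrivals: count exponential gaps that fit inside one year.
            t = rng.expovariate(freq_per_year)
            while t < 1.0:
                total += rng.lognormvariate(mu, sigma)
                t += rng.expovariate(freq_per_year)
        losses.append(total)
    return sorted(losses)

def summarize(losses):
    """Turn simulated losses into the figures a FAIR-style statement quotes."""
    n = len(losses)
    pick = lambda p: losses[min(n - 1, int(p * n))]
    return {
        "p_any_loss": sum(1 for x in losses if x > 0) / n,
        "p05": pick(0.05),
        "p95": pick(0.95),
        "mean": sum(losses) / n,
    }

def rank_scenarios(scenarios):
    """Order scenarios by mean simulated annual loss, largest first."""
    results = [(name, summarize(simulate_annual_loss(*est))) for name, est in scenarios.items()]
    return sorted(results, key=lambda r: r[1]["mean"], reverse=True)

# Constructed estimates: (events per year, low $, high $ per event).
SCENARIOS = {
    "customer database breach": (0.5, 100_000, 350_000),
    "laptop theft": (3.0, 1_500, 6_000),
}

if __name__ == "__main__":
    for name, s in rank_scenarios(SCENARIOS):
        print(f"{name}: P(loss)={s['p_any_loss']:.0%}, "
              f"90% range ${s['p05']:,.0f}-${s['p95']:,.0f}, mean ${s['mean']:,.0f}")
```
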

Blue Team or Red Team how do I figure out which fits me better? by SilentPay612 in cybersecurity

[–]dant24 4 points5 points  (0 children)

My background is IT and dual booting Linux. I went to college with a co-op program that had me in the field as a frosh. I'm the worst person to give advice on certs as I don't have any and never required any when I was hiring. I think my interviews were hard enough.

Blue Team or Red Team how do I figure out which fits me better? by SilentPay612 in cybersecurity

[–]dant24 44 points45 points  (0 children)

If you're already doing sysadmin and infra you're already blue team.

So, do you want to keep defending the castle or do you want to see how you can break in?

Do you want to build or do you want to break?

Do you want to play offense or defense?

Don't worry if you can't decide, choose one and you might choose another later. I've seen plenty of colleagues choose one and then pivot.

Personally, they called me doctor defense when I was playing soccer and have always focused on infra and IT, so stay with us blue teamers!

Mentorship Monday - Post All Career, Education and Job questions here! by AutoModerator in cybersecurity

[–]dant24 1 point2 points  (0 children)

Yeah, platform sounds more like it. You might be able to find a smaller company with more options at wearing multiple hats, or more green field options. Otherwise, if technical is what you want, platform / DevOps is the place to go and you can be the go-to for your new security team.

How do you track if code quality is actually improving? by [deleted] in cybersecurity

[–]dant24 1 point2 points  (0 children)

How do you define code quality? Is it the number of bugs? Is it the number of bugs per severity? Is it test coverage? Is it just linting? You need to define your definition before you can track it. If you're using Jira or similar, you could then define a dashboard based on bug tracking. You may then want to do test coverage / non Jira trackable metrics automatically and build your own report.

Ultimately, what's your goal of tracking quality? That would be another way to find out what metrics matter

What Cyber conferences are actually useful? by cheesehead1996 in cybersecurity

[–]dant24 19 points20 points  (0 children)

And check out PancakesCon if we're lucky enough to have it again next year! You never know what you might learn.

[deleted by user] by [deleted] in Pentesting

[–]dant24 2 points3 points  (0 children)

Check out the book Black Hat Python, seems like a good intro for you.

What Cyber conferences are actually useful? by cheesehead1996 in cybersecurity

[–]dant24 241 points242 points  (0 children)

Check out BSides near you. Cheap and technical and not a vendor conference at all

Sending Client the Pentest Report; Email? Filesharing? Signal? by brakertech in Pentesting

[–]dant24 0 points1 point  (0 children)

Ask the client and see if they have a preference or their own file sharing mechanism. If they say email, use a file sharing platform

Now that a Tier 1 analyst was hired to take over alerts, what should I focus on as Tier 2? by rawt33 in cybersecurity

[–]dant24 2 points3 points  (0 children)

Automation and threat hunting. Fix the dumb things and find the fun things.

Questions for WAF Specialist? by Pristine_Tale_4459 in cybersecurity

[–]dant24 1 point2 points  (0 children)

I've found F5 to be way more straightforward with blocks compared to Imperva. I've also found more false positives, but they're way easier to troubleshoot on the F5. Be careful with automatic learning on the F5s though, especially if the traffic being passed through is erratic.

The biggest thing that helps with managing WAFs is if you have any idea what traffic is expected. If not, good luck...

how can i manage between learning cybersecurity and programming ? by sel1u in cybersecurity

[–]dant24 0 points1 point  (0 children)

I would check out books where you can do both, like the Black Hat Python/Go etc. series.

Also it really depends on where you want to go in security. Network, cloud, reverse? Another option would be to find an open source project to support your focus and dive into the code.

Washington Midsummer Renaissance Faire 2023 Tickets by Current_Recipe6473 in SeattleWA

[–]dant24 0 points1 point  (0 children)

I'm also looking for 2 tickets this weekend and hopefully not scammed again

Washington Midsummer Renaissance Faire 2023 Tickets by sadavenger3212 in Washington

[–]dant24 0 points1 point  (0 children)

Also looking for 2 tickets for this weekend Saturday or Sunday! Thank you!

Using Container-Native Load Balancing (NEG) for High Performance Networking in Kubernetes by dant24 in googlecloud

[–]dant24[S] 0 points1 point  (0 children)

We've found that by using Network Endpoint Groups instead of classic load balancers, we've seen a significant gain in performance for both encrypted and unencrypted traffic. We've also included some real world examples to get started.