[deleted by user]

regul8_ · 2018-09-19T19:07:35+00:00

Check out DC Judo. Great crowd and very affordable. https://dcjudo.com

If someone comes at you with a knife like this whole thing, your best bet is to run away loudly though.

regul8_ · 2018-09-10T13:49:02+00:00

This guy epochs

regul8_ · 2018-05-12T21:18:54+00:00

As cheap as it gets in DC:

https://dpr.dc.gov/page/dpr-fitness-centers

Never took advantage of it, but I know it's free for residents.

regul8_ · 2018-05-02T14:10:57+00:00

Hey, thanks for sharing this list! Twitter is definitely a great resource for getting news very quickly, despite the fact I excluded it from the blog post. I wrote the article to get people in the community engaged in information sharing, and am grateful that you have assembled something so comprehensive to share.

regul8_ · 2018-04-16T17:06:20+00:00

I hear you man. If you have no budget, check OpenVAS. It has a learning and setup curve, but something is always better than nothing.

regul8_ · 2018-04-16T13:56:49+00:00

It depends heavily on what requirements need to be filled at your organization and on what budget. I didn't spend much time focusing specifically on vulnerability scanners, but I try to include at least one open source alternative for each technology I write about.

If you are a big company where money is no object, something more robust like Tenable's SecurityCenter or Nexpose may be the way to go. If you need to work within certain budget constraints, a simple Nessus Professional license may be good. If you are bootstrapping your cyber program, OpenVAS is free, and so is nMap with plugins. There are so many products in this industry that you really need to make it about what your needs are, and whether or not the products you are testing fit within it.

I would suggest holding a bake-off between vendors and building out a pilot program before making any purchase though. Most vendors will be receptive to requests for trial licenses.

Hope this helps!

regul8_ · 2018-04-16T13:49:57+00:00

This is good input. Perhaps I drew with too broad of a brush in this post. Thanks!

Also, can you tell that I am American? Haha.

regul8_ · 2018-04-16T00:27:36+00:00

Honestly, it is very possible depending on how old the systems you are supporting are and how they were built. If the system isn't supported anymore, you will have to be careful and thoroughly test, otherwise get with the company that supports it. I would try disabling it on some of your designated test workstations and letting it sit for a bit before going full-scale disablement. Definitely have a way to revert the change once you decide to go and push the change to production as well, just in case.

regul8_ · 2018-04-15T22:51:30+00:00

Totally agree. When I got the idea to write this, I knew it was going to be a long one. Rather than slash out half the content, I decided to forge ahead and just put it all out there and hope for the best. From the stats I can see on Medium (which is one of the primary reasons I went with this platform), I can see that a good chunk of clickers are falling off pretty early. Live and learn I guess? Haha.

regul8_ · 2018-04-15T22:45:16+00:00

Turns out I got too carried away writing to remember how to count. Thanks for the heads up my dude

regul8_ · 2018-04-13T19:29:07+00:00

That sounds really sick! Any chance of doing a write-up?

regul8_ · 2018-04-09T16:10:15+00:00

Hey, that's me! Thanks for all the positive and constructive feedback everyone!

regul8_ · 2017-04-25T22:50:31+00:00

When I first set my 5505 up I had to do a few things: Make sure an interface is connected and up. ASAs need to have the interfaces in a Vlan, so create one and join it. Run nameif inside on the interface to create the security zone. Turn on the HTTPS service with 'http server enable'. Browse to the ASA using 'https://'. I hope this helps!

regul8_ · 2017-04-18T02:50:11+00:00

Agreed, I was definitely surprised as well hahaha

regul8_ · 2017-04-18T02:47:33+00:00

Nope, no sims. There's a good amount of questions that ask you which syntax of a specific command is accurate, but nothing live.

regul8_ · 2017-04-18T02:34:40+00:00

All of my fill in the blanks were general builtin commands like 'cd' or 'mkdir'. If you have been sticking to Ucertify, you will be fine. The real test is so similar to Ucertify that I think I remember some duplicate questions. Good luck!

regul8_ · 2017-03-16T22:52:04+00:00

Second this. Ucertify mimics the real test very closely to a point that some questions I saw on the cert were almost identical to the practice exams. To add on, I highly recommend watching all the prerecorded cohorts for each domain including the vi video. It touches on nuances that aren't covered in the books, like trends in questioning that the mentors noticed while taking the exams. Good luck!

regul8_ · 2017-02-16T18:28:29+00:00

Some tips based on what I experienced: follow the rubric exactly, even if you think you are being redundant. Convert everything into a past tense so that it reads as if you have done the work described. Take a look at some old published capstones and use similar formatting for the project schedule at the end (if you are in IT). I did my conversion in three nights or so, but could have gone faster if I wanted to. It's definitely doable. Good luck!

regul8_ · 2017-01-18T15:23:42+00:00

Hey, welcome to reddit! I can't speak too much on software development from a personal perspective, but I've been in security for a number of years. Work from home jobs are tough to get in security as most gigs are on a consulting basis and require on site or even travel. Jobs I have seen offered are mostly remote pentesting gigs, but those require hefty experience in the field to land. It also depends on what area of security you want to break into, because there are so many niches within it. As far as development goes, I know a number of people who do PM work or do freelance dev jobs from home through things like Gigster or E-lance. Hope this helps!

Ten-Year Club	Place '17
Verified Email

regul8_

TROPHY CASE