Skip Navigation
InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)NO
Posts 0
Comments 72
What are You Working on Wednesday
  • I set up Netbox recently at work to try and improve the abysmal documentation situation. I use an Ansible playbook to provision and set up the server, then copy a docker compose file and start the containers. So far I'm loving Netbox, I just wish my predecessors had documented things from the start.

  • How does ransomware get into major networks, such as schools or other large public agencies?
  • It is a great step but it's rare to have enough buy in from upper managent to enforce any real consequences for repeat offenders. I've seen good initial results from this kind of phishing testing, but the repeat offenders never seem to change their habits and your click rate quickly plateaus.

  • Reacting to "It's the network" allegation
  • A little late, but here is what I usually do when a ticket like that comes in:

    1. Check monitoring. It's quick and easy to check so I'll look before even asking any clarifying questions. If there is a real network problem at a site, 95% of the time its going to show up on our monitoring dashboard. Everything from ISP outages to device failures show up here.
    2. Ask for more details about what they are trying to do. What is the goal? What are you doing? What is happening? What should be happening? When was the last time it worked?
    3. Based on those details, I can usually put together a good guess as to what might be going on, so i'll test that theory out and see if i'm right.
  • Mentorship Monday - Discussions for career and learning!
  • I just started my first official cybersecurity position at a medium size company in an industry that is currently being heavily targeted with ransomware.

    I'm starting pretty much from scratch as they have not had a dedicated security role in over a year and my predecessor didn't make much progress. So far i've been focused on inventory lists, policies, and procedures for hardware, software, and data. I think we're doing okay with minimizing stuff thats internet facing and patching is in a good place (well, at least with the devices and os's that are still supported).

    Any suggestions on where to go from there or what to prioritize?

  • Mentorship Monday - Discussions for career and learning!
  • I'm studying for CCSP right now. It's fairly general and tries to be vendor neutral but Architecture is one of the knowledge domains on the exam. Might be worth it if you meet the work requirements or experience waiver requirements.

    A lot of people also seem to conflate it with the CISSP when it comes up in conversation I've noticed.

  • What book(s) are you currently reading or listening? 01 December
  • Oh I highly recommend it. As a kid I read a lot of his work and my favorites were the Cask of Amontillado and The Tell-tale Heart. I still love those ones but I feel like I can appreciate the poetry and other stories now.

    Another series I've gotten a lot of mileage out of revisiting was Calvin and Hobbes funny enough.