7 Minute Security20 Helmi 2019

7MS #350: Interview with Lewie Wilkinson of Pondurance

Today's featured interview is with Lewie Wilkinson, senior integration engineer at Pondurance. Pondurance helps customers improve their security posture by providing a managed threat hunting and response solution, including a 24/7 SOC. Lewie joined me via Skype to talk a lot about a topic I'm fascinated with: incident response! I had a slew of questions and topics I wanted to discuss, including:

Fundamentals of threat hunting
- What is threat hunting?
- What are the fundamentals to start mastering?
- How can someone start developing the core skills to get good at it?
How can sysadmins/network admin, who have a busy enough time already just keeping the digital lights on, handle the mounting pressure to also shoulder security responsibilities as part of their job duties?
What training/cert options are good to build skills in threat hunting?
Lets say you know one of your users has clicked something icky and you suspect compromised machine/creds. You pull the machine off the network and rebuild it. How do you know that you've found/limited the extent of the damage?
Are attackers on networks typically wiping logs on systems as the bounce around laterally?
Anything to add to the low-hanging hacker fruit list?
Why is it so critical to not just have logs, but have verbose logs with rich data you need in an investigation?
When does it make sense to outsource some security responsibilities to a third party?

Learn more about Pondurance at their Web site and Twitter.

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(721)

7MS #721: Fun Professional and Personal AI Project Ideas – Part 2

Hello friends! Picking up the AI-automation series from a couple weeks back — here's another batch of scripts and integrations that have been giving me precious minutes (and sanity) back. Yes, I had t...

8 Touko 25min

7MS #720: Tales of Pentest Pwnage – Part 84

Hey friends! Today's another Tales of Pentest Pwnage! Quick tangent first on a couple side projects: I've got a music thing at quack.house (like the duck noise, not the drug) and a podcast with my dan...

1 Touko 43min

7MS #719: Baby's First OpenClaw

Hey friends! This week's episode is "Baby's First OpenClaw" – basically me shouting into the void hoping a smart listener will DM me and explain why this thing is supposed to be life-changing. Because...

24 Huhti 28min

7MS #718: Fun Professional and Personal AI Project Ideas

Hey friends! After last week's heavy episode about my wife's health scare in Punta Cana, today's is a lighter one. (Quick update: she's doing better – still recovering, but appetite's back and she's g...

17 Huhti 28min

7MS #717: I Gave Up My Wife's PHI (And I'd Do It Again)

Hello friends! Today's episode is a bit of a detour from our usual content — it's part vacation horror story, part security/privacy confession. My wife got seriously ill during our spring break trip t...

10 Huhti 48min

7MS #716: Tales of Pentest Pwnage – Part 83

Today is my favorite pentest pwnage tale of 2026 – and maybe ever! It centers around an ADCS abuse via an attack path I'd never seen before. Tips include: Use Netexec to pull Powershell history Try...

3 Huhti 33min

7MS #715: Tales of Pentest Pwnage – Part 82

Hola friends! Today's another fun tale of pentest pwnage. This time we started with no credentials and then set off on the bumpy journey from no-cred zero to domain admin hero! One specific referen...

27 Maalis 20min

7MS #714: Tales of Pentest Pwnage – Part 81

Hello friends! We're back with a fun tale of internal network pentest pwnage. This one highlights how AI can be used (with some guardrails!) to automate the boring stuff – and even help you pick par...

20 Maalis 22min