7MS #386: Interview with Ryan Manship and Dave Dobrotka - Part 4
7 Minute Security1 Nov 2019

7MS #386: Interview with Ryan Manship and Dave Dobrotka - Part 4

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

I'm sorry it took me forever and a day to get this episode up, but I'm thrilled to share part 4 (the final chapter - for now anyways) of my interview with the red team guys, Ryan and Dave!

In today's episode we talk about:

  • Running into angry system admins (that are either too fired up or not fired up enough)
  • Being wrong without being ashamed
  • When is it necessary to make too much noice to get caught during an engagement?
  • What are the top 5 tools you run on every engagement?
  • How do you deal with monthly test reports indefinitely being a copy/paste of the previous month's report?
  • How do you deal with clients who scope things in such as way that the test is almost impossible to conduct?
  • How do you deal with colleagues who take findings as their own when they talk with management?
  • How do you work with clients who don't know why they want a test - except to check some sort of compliance checkmark?
  • What is a typical average time to complete a pentest on a vendor (as part of a third-party vendor assessment)?
  • How could a fresh grad get into a red team job?
  • What do recruiters look for candidates seeking red team positions?
  • If a red team is able to dump a whole database of hashes or bundle of local machine hashes, should they crack them?
  • What do you do when you're contracted for a pentest, but on day one your realize the org is not at all ready for one?
  • What's your favorite red team horror story?

Avsnitt(690)

7MS #58: What Should We Do First? (audio)

7MS #58: What Should We Do First? (audio)

At the end of just about every assessment I deliver, the client asks “What should we do first?” They (understandably) want to know a “top 5″ list of things they should change right away to improve their security posture. Today’s episode explores that a bit. 7MS #58: What Should We Do Next? (audio)

5 Maj 20158min

7MS #57: How to Review a Firewall (audio)

7MS #57: How to Review a Firewall (audio)

In this episode I talk about a few different ways to approach firewall reviews/audits. This document was very helpful in getting my template started. Also check out Nipper if you’re looking for a firewall review/audit tool. 7MS #57: How to Review a Firewall (audio)

30 Apr 20158min

7MS #56: OFFTOPIC – Catching Up and Blowing Noses (audio)

7MS #56: OFFTOPIC – Catching Up and Blowing Noses (audio)

A few offtopic things: What you can expect as far as a podcast release schedule going forward Two suspicious charges that showed up on my credit card while out of town! 7MS #56: OFFTOPIC – Catching Up and Blowing Noses (audio)

28 Apr 20158min

7MS #55: OFFTOPIC – What’s in Brian’s Murse? (video)

7MS #55: OFFTOPIC – What’s in Brian’s Murse? (video)

Ok I don’t really have a murse, but I wanted to do a short video(!) podcast to show you some sorta-security-related gadgets that I’ve been nerding out on the last few weeks. 7MS #55: OFFTOPIC – What’s in Brian’s Murse? (video)

22 Apr 20156min

7MS #54: Traveling with a Red Giant (audio)

7MS #54: Traveling with a Red Giant (audio)

If you’re concerned about your credit/debit card security, you might want to give Red Giant a try. It’s a service that provides a debit card you can unlock *only* when buying something. It’s cool. Oh, and Red Giant is NOT sponsoring this episode. If I ever get sponsors, I’ll disclose them clearly. :-) 7MS #54:…

16 Apr 20157min

7MS #53: Are You Ready to Get Robbed? (audio)

7MS #53: Are You Ready to Get Robbed? (audio)

Business DR plans are a hugely important – and often overlooked – piece of the infosec puzzle. But what about at home? If you got run over by a bus tomorrow, would you have good plans in place to help your partner/spouse take over the tech side of your household? That’s what we’re talkin’ about…

14 Apr 20157min

7MS #52: OFFTOPIC – My Son is Really Loyal (audio)

7MS #52: OFFTOPIC – My Son is Really Loyal (audio)

It’s another off-topic episode today. This one’s about how my eight-year-old son is fiercely loyal, and wants to settle a 25-year-old score for me. 7MS #52: OFFTOPIC – My Son is Really Loyal (audio)

9 Apr 20158min

7MS #51: CEH vs. OSCP (audio)

7MS #51: CEH vs. OSCP (audio)

A few people have written in asking whether to pursue the CEH or OSCP (or both). This episode discusses my experience with each cert and hopefully points you in the right direction on which one might be right for you. Here’s the article on CEH I mention during the episode – it has much more…

7 Apr 20157min

Populärt inom Politik & nyheter

svenska-fall
p3-krim
rss-krimstad
rss-viva-fotboll
flashback-forever
fordomspodden
rss-sanning-konsekvens
rss-vad-fan-hande
aftonbladet-daily
olyckan-inifran
dagens-eko
rss-frandfors-horna
motiv
svd-dokumentara-berattelser-2
rss-krimreportrarna
krimmagasinet
svd-nyhetsartiklar
blenda-2
spotlight
rss-svalan-krim