I know someone … Truth is, I really do. Quite a few, actually, and I want to share that wealth of skill & knowledge here with you. I’ll keep adding to this list. If you’re on this list, this is me showing my gratitude and respect in the best way I know.
NOTE: This is a work in progress
Career / Getting Started In:
Learn from the best. Katie Nickels researches and writes about attacks and adversaries, and her work is of tremendous value to those of us in this field. She has a blog which is full of good things, and has put together this post Getting Started in Threat Intelligence.
ALL things MITRE ATT&CK! Visualizing ATT&CK by Andy Applebaum
“Building a Threat Identification Program to Better Manage Risk: The Key Pillars” by Itzik Kotler with Colin Connor
Implementation Framework - Cyber Threat Prioritization by Troy Townsend and Jay McAllister
Threat Intel Resources:
This is a goldmine. Seriously. https://github.com/hslatman/awesome-threat-intelligence/blob/master/README.md
Per the author: The objective is to create a blacklist that can be safe enough to be used on all systems, with a firewall, to block access entirely, from and to its listed IPs. http://iplists.firehol.org/
Understanding Risk and Risk Management:
Do not pass GO. Do not collect $200 if you cannot explain succinctly what risk actually is and why it is the language you use to explain threat intel to the C Suite. Taking the advice from the SANS CTI Summit, I’m sharing this resource: The FAIR Institute and the book shown here, which is “the only international standard quantitative model for information security and operational risk.”
Fun, informative. You should only know how invaluable I have found these. They’ve led to great talks, blog pieces, opportunities to help other people. Here are my favourites:
Brakeing Down Security: Having been a guest on the show, I can honestly say Bryan is a gifted host at getting his guests to tell their story. Brian and Bryan team up to deliver cutting edge technical insights with fascinating guests and community leaders.
Defensive Security: Jerry and Andrew are my weekly listen for a great dissection of what’s going on. Irreverent and funny, they give a good technical explanation without a deep dive, especially networking. But what I appreciate is their ability to teach the importance of governance and compliance alongside the issues – not easy or appealing but essential. I owe these guys a lot.
Risky Business: These guys know their stuff, and are bitingly on point when doing their weekly rundown of events. Patrick and Adam have no problem telling it like it is, and you’ll be laughing out loud at how funny brazen can be. I know I’ll get my dose of current events straight up, along with a great list of guests.
Advanced Persistent Security Podcast: Hosted by Joe Gray and featuring a great mix of experience and skills from our InfoSec community.
PVC: Ed, Paul, Chris and Tracey combine diverse backgrounds, skills and attitudes to look at security through the lenses of leadership, privacy, data science and humour. Which works for me! They feature great guests from the community, and share the fun of the cons they attend. Be advised: each show opens and closes with them singing.
Down the Security Rabbithole: What a lot of folks can’t grasp is the link to business, and where governance and legalities weigh in. Unless we get business to literally buy in, to put the funds behind the security effort, it ain’t gonna happen. I’ve found that Raf, Michael and James are really good at explaining current stories through this lens.
Covert Contact: Because I am a Poli Sci major. And it’s all about connecting the dots, big picture thinking, and playing “what if”. John Little indulges my fascination with world affairs and hits on the keynotes for me. Especially his focus on Russia and Putin with William Tucker. We know the games nation states play directly impact security at any level.
http://www.irongeek.com/ If you want to learn, watch the talks people give at Cons. And Irongeek is usually the guy recording those. Here is the treasure trove. Dive in!
Check if you’ve been compromised:
Have I Been Pwned: this site by Troy Hunt shows whose email got caught up in the breach. You need to check yours. Now.
Has My EMail Been Hacked: because from experience this has caught other stuff.