I know someone … Truth is, I really do. Quite a few, actually, and I want to share that wealth of skill & knowledge here with you. I’ll keep adding to this list. If you’re on this list, this is me showing my gratitude and respect in the best way I know.
NOTE: This is a work in progress
Career / Getting Started In:
Learn from the best. Katie Nickels researches and writes about attacks and adversaries, and her work is of tremendous value to those of us in this field. She has a blog which is full of good things, and has put together this post Getting Started in Threat Intelligence.
Threat Intel Resources:
This is a goldmine. Seriously. https://github.com/hslatman/awesome-threat-intelligence/blob/master/README.md
Per the author: The objective is to create a blacklist that can be safe enough to be used on all systems, with a firewall, to block access entirely, from and to its listed IPs. http://iplists.firehol.org/
Fun, informative. You should only know how invaluable I have found these. They’ve led to great talks, blog pieces, opportunities to help other people. Here are my favourites
Brakeing Down Security: Having been a guest on the show, I can honestly say Bryan is a gifted host at getting his guests to tell their story. Brian and Bryan team up to deliver cutting edge technical insights with fascinating guests and community leaders.
Defensive Security: Jerry and Andrew are my weekly listen for a great dissection of what’s going on. Irreverent and funny, they give a good technical explanation without a deep dive, especially networking. But what I appreciate is their ability to teach the importance of governance and compliance alongside the issues – not easy or appealing but essential. I owe these guys a lot.
Risky Business: These guys know their stuff, and are bitingly on point when doing their weekly rundown of events. Patrick and Adam have no problem telling it like it is, and you’ll be laughing out at how funny brazen can be. I know I’ll get my dose of current events straight up, along with a great list of guests.
Advanced Persistent Security Podcast: Hosted by Joe Gray and featuring a great mix of experience and skills from our InfoSec community.
PVC: Ed, Paul, Chris and Tracey combine diverse backgrounds, skills and attitudes to look at security through the lenses of leadership, privacy, data science and humour. Which works for me! They feature great guests from the community, and share the fun of the cons they attend. Be advised: each show opens and closes with them singing.
Down the Security Rabbithole: What a lot of folks can’t grasp is the link to business, and where governance and legalities weigh in. Unless we get business to literally buy in, to put the funds behind the security effort, it ain’t gonna happen. I’ve found that Raf, Michael and James are really good at explaining current stories through this lens
Covert Contact: Because I am a Poli Sci major. And it’s all about connecting the dots, big picture thinking, and playing “what if”. John Little indulges my fascination with world affairs and hits on the keynotes for me. Especially his focus on Russia and Putin with William Tucker. We know the games nation states play directly impact security at any level.
http://www.irongeek.com/ If you want to learn, watch the talks people give at Cons. And Irongeek is usually the guy recording those. Here is the treasure trove. Dive in!
Check if you’ve been compromised:
Have I been Pwned this site by Troy Hunt shows whose email got caught up in the breach. You need to check yours. Now.
Has My EMail Been Hacked because from experience this has caught other stuff.