Hey everyone! My name is Mike and I write about #infosec, #tech and other things at https://shellsharks.com. I'm currently running an event this week I refer to as >Shark Week (https://shellsharks.com/sharkweek), which is essentially just me posting some sort of "content" each day for the entire week, coinciding with actual...
Hey Fedia-folk of /m/cybersecurity! Wanted to get a quick pulse-check and collect some thoughts from the community here regarding their usage both current and future. I'll...
Couldn't find a poll option so I guess people can just weigh in on their thoughts here. I've been a "CISSP-holder" since 2015/2016-ish and have always had the renewal fees paid for by my employer. My renewal date has come and unfortunately I don't think I'll be getting any employer assistance paying the fee this time around. Is...
Hey infosec/cyber/tech folks of the fediverse! With reddit being a mess coupled with my interest in becoming more fedi-active/aware, I wanted to share out my site/blog where I post mostly about cyber and tech but also venture into other non cyber/tech stuff. Check it out and find me on Mastodon if you want to connect or chat!...
Anyone familiar/have experience with conducting a Crown Jewels Analysis (CJA)? MITRE’s SEG (“Systems Engineering Guide”) has a process for doing this (page 167) but there are certainly other methodologies. Am working on something like this so any anecdotes would be cool to hear about!
Now here’s two tools I wish I was more experienced with - Semgrep and Jupyter. Beyond this cool article from NCC, I’m interested to hear from anyone who uses either one of these tools. How did you get started, what do you do with them, etc…