Exploring the Defensive Security Handbook with Amanda Berlin

Summary:

In this episode of Exploring Information Security, host Timothy De Block sits down with Amanda Berlin, co-author of the Defensive Security Handbook, to discuss the evolution of the book, the challenges of writing for the blue team, and how it’s helping cybersecurity practitioners today. Amanda shares insights on creating accessible resources for security professionals and the importance of designing security that works for everyone, from SMBs to enterprise teams.

Key Takeaways:

  • Origins of the Handbook: Amanda reveals how the Defensive Security Handbook was born from her own challenges as a security professional and the lack of accessible, practical blue team resources.

  • Writing Process and Updates: The journey of creating the first edition and the significant updates in the second edition, including expanded cloud coverage and reorganized database content.

  • Designing Security for SMBs: Amanda highlights the unique challenges small and medium businesses face, from budget constraints to vendor complexities, and how the book aims to provide practical, scalable advice.

  • Balancing Technical and Practical: The handbook’s goal is to simplify complex concepts, making them digestible for newcomers while still useful for seasoned professionals seeking quick references.

  • The Importance of Empathy in Security: Amanda emphasizes the need for empathy in designing security tools and processes, especially for SMBs that lack dedicated resources or expertise.

  • Feedback and Impact: How the book has resonated with unexpected audiences, including developers and detection engineers, as a guide to understanding security concepts.

Resources Mentioned:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


[RERELEASE] What is security awareness?

In the refreshed edition of the Exploring Information Security (EIS) podcast, I talk to Amanda Berlin AKA @Infosystir about security awareness. 

Amanda was charged with setting up a security awareness program for her company from scratch. Setting up a security awareness program is hard work, making it effective is even harder, but Amanda rose to the challenge and came up with some creative ways to help fellow employees get a better handle on security.

In this interview we cover:

  • What is security awareness?

  • How a security awareness program should be implemented.

  • What does an effective security program look like?

  • How do you measure the effectiveness of a security awareness program

Catching up with Mental Health Hackers Founder Amanda Berlin at ShowMeCon

Summary:

In this relaxed and engaging episode recorded from air loungers at Show Me Con, Timothy De Block catches up with Amanda Berlin from Mental Health Hackers during Mental Health Awareness Month. They discuss the importance of mental health in the IT security industry, which is often fraught with stress and high demands.

Episode Highlights:

  1. Personal Stories of Mental Health: Timothy and Amanda share their personal experiences with mental health challenges, emphasizing the common struggles many face in the IT security field.

  2. Impact of Alcohol: The discussion explores the impact of alcohol on mental health, particularly how it affects sleep and stress levels. They touch upon efforts to create event spaces that offer alternatives to alcohol-centric activities.

  3. Mental Health Hackers: Amanda talks about the work of Mental Health Hackers, a group that attends various conferences to provide spaces for people to relax and decompress.

  4. Fundraising and Awareness: Mention of Mental Health Hackers' new t-shirt campaign designed to promote mental wellness, with proceeds supporting their activities at conferences. You can get T-Shirts here: https://www.customink.com/fundraising/mental-health-awareness-for-mhh

Key Quotes:

  • "It’s really about awareness... paying attention to how habits like drinking can impact our mental state and sleep." - Timothy De Block

  • "We need to create environments at events where drinking isn’t the main focus, allowing people to enjoy without the pressure of alcohol." - Amanda Berlin

Additional Resources:

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon: Talking Sysmon with Amanda Berlin

Amanda Berlin

Summary:

Amanda Berlin is Lead Incident Detection Engineer at Blumira, where she leads the development of new detections for the Blumira platform, based on threat intelligence and research. In this episode I catch up with her to talk about Sysmon and ShowMeCon. Sysmon is such a great tool for getting more information out of your systems. The best part is it’s free.

This podcast is sponsored by ShowMeCon.

Episode Highlights:

  • What is Sysmon

  • How to use Sysmon

  • ShowMeCon

Guest Information:

Amanda Berlin is Lead Incident Detection Engineer at Blumira

Contact Information:

Leave a comment below or reach out via the contact form on the site, email [timothy.deblock[@]exploresec[.]com, or reach out on LinkedIn.

Check out our services page and reach out if you see any services that fit your needs.

Social Media Links:

[RSS Feed] [iTunes] [LinkedIn]


ShowMeCon 2018 Live

In this panelist episode of the Exploring Information Security podcast, the first ever podcast panel at ShowMeCon 2018!

Amanda Berlin (@InfoSystir), Wik (@jaimefilson), David Cybuck (@dpcybuck), April Wright (@aprilwright), and Dave Chronister (@bagomojo) join me on the live EIS panel at ShowMeCon, June 7, 2018. This is the first panel I've ever done for the podcast. It went so well, I hope to do more in the future. We cover a variety of topics and have a few laughs.

YouTube version

In this episode we discuss:

  • What's coming back in vogue

  • What to do with master ID

  • What our thoughts are on new password policies from NIST

  • How to handle best practices

Why mental health is important

In this mindful episode of the Exploring Information Security podcast, Amanda Berlin joins me from Converge and BSides Detroit this past week to talk about mental health.

Amanda (@InfoSystir) gave a keynote at Converge last week. The topic: mental health. It's a great talk and something I recommend people watch. Mental health is very important in our field. A lot of us were bullied coming up through school. Others grew up in awful environments. We've gotten past those challenges to become successful information security professionals. There are still scars, however, and if we don't identify and address them it will lead to unhealthy actions. Especially, since we are in a high-stress field that is overwhelmed.

We need to have an open dialogue about mental health. The downside to have a poor mental health. We need to share ideas on how to better address our state of minds. Often we feel alone. We are not. If you feel like you are in a bad place mentally, there are resources that can help. Call a hotline (1-800-273-8255). Do a Google search. There are people who can help. Family, friends, or mentors. You matter.

In this episode we discuss:

  • Why talking about mental health is important

  • What experience we've had

  • How we handle our own mental state

  • How others are handling their mental state