How to make time for a home lab

In this timely episode of the Exploring Information Security podcast, Chris Maddalena and I continue our home lab series by answering a listener's question on how to find time for a home lab.

Chris (@cmaddalena) and I were asked the question on Twitter, "How do you make time for a home lab?" We answered the question on Twitter, but also decided the question was a good topic for an EIS episode. Home labs are great for advancing a career or breaking into information security. To find the time for them requires making them a priority. It's also good to have a purpose. The time I spend with a home lab is often sporadic and coincides with research on a given area.

In this episode we discuss:

  • Making a home lab a priority
  • Use cases for a home lab
  • Ideas for fitting a home lab into a busy schedule

More resource:

How to build a home lab

In this getting stared episode of the Exploring Information Security podcast, I discuss how to build a home lab with Chris Maddalena.

Chris (@cmaddalena) and I have submitted to a couple of calls for training at CircleCityCon and Converge and BSides Detroit this summer on the topic of building a home lab. I will also be speaking on this subject at ShowMeCon. Home labs are great for advancing a career or breaking into information security. The bar is really low on getting started with one. A gaming laptop with decent specifications works great. For those with a lack of hardware or funds there are plenty of online resources to take advantage of. 

In this episode we discuss:

  • What is a home lab?
  • Why would someone want to build a home lab?
  • What are the different kinds of home labs?
  • What are the requirements?
  • How to get started building a home lab

More resources:

What is red vs. blue? - Part 2

In this competitive episode of the Exploring Information Security podcast, I discuss red team vs. blue team with Mubix AKA Rob Fuller.

Rob (@Mubix), recently had a post titled "Friendly Fire." In the post he talks about the red vs. blue dynamic and some of the pitfalls of that attitude. I knew of the red vs. blue dyanmic, but I never thought it would be hurting the security industry. I decided to have Mubix on to discuss the topic a little bit more. 

In this episode we discuss:

  • Maximizing the pentest window
  • CTFs and how they contribute to the problem

More Resources

What is Red vs. Blue - Part 1

In this competitive episode of the Exploring Information Security podcast, I discuss red team vs. blue team with Mubix AKA Rob Fuller.

Rob (@Mubix), recently had a post titled "Friendly Fire." In the post he talks about the red vs. blue dynamic and some of the pitfalls of that attitude. I knew of the red vs. blue dyanmic, but I never thought it would be hurting the security industry. I decided to have Mubix on to discuss the topic a little bit more. 

In this episode we discuss:

  • Define red team vs. blue team
  • Working together

More Resources

How to start a successful CitySec meetup - Part 2

In this get together episode of the Exploring Information Security podcast, I discuss "How to start a successful CitySec meetup" with BurbSec organizer Johnny Xmas.

How to start a successful CitySec meetup - Part 1

Johnny, (@J0hnnyXm4s), helps organize four monthly meetups in the Chicago area called BurbSec. Starting a CitySec is a unique challenge but one that is easily doable. CitySec's provide an opportunity for security professionals and enthusiasts to get together to network, learn, and improve their security mindset. Johnny will be presenting this topic as a talk at BSides Nashville April 16, 2016.

In this episode we discuss:

  • Location of the meetup
  • Website viability

More Resources

How to start a successful CitySec meetup - Part 1

In this get together episode of the Exploring Information Security podcast, I discuss "How to start a successful CitySec meetup" with BurbSec organizer Johnny Xmas.

Johnny, (@J0hnnyXm4s), helps organize four monthly meetups in the Chicago area called BurbSec. Starting a CitySec is a unique challenge but one that is easily doable. CitySec's provide an opportunity for security professionals and enthusiasts to get together to network, learn, and improve their security mindset. Johnny will be presenting this topic as a talk at BSides Nashville April 16, 2016.

In this episode we discuss:

  • The origin story of BurbSec in Chicago
  • Marketing
  • The people who attend CitySec meetups

More Resources

How to attend a conference

In this driven episode of the Exploring Information Security podcast, I discuss how to attend a conference with Wolfgang Goerlich, the director of security strategy at CBI.

Wolf (@jwgoerlich), recently produced an interesting PVCSec episode at CodeMash on the challenges of getting into infosec. One of the interesting notes from that podcast was learning how to attend a conference. It was such a great point that I invited Wolf back on EIS to discuss how to get the most out of attending a conference.

In this episode we discuss:

  • We define what attending a conference is
  • The individual goals of attendees
  • Attending a conference: pre-game, attending, and post-conference
  • Experiences that should be taken away from attending a conference

More Resoruces

What is the Security Culture Conference? - Part 2

In this relationship building episode of the Exploring Information Security podcast, I explore what is the Security Culture Conference in Oslo, Norway, June 14 - 15, 2015 with the creator of the Security Culture Framework Kai Roer.

Kai (@kairoer), is a speaker, trainer, consultant, and the creator of the Security Culture Framework (SCF). The framework deals with embedding a security mindset into the entire organization. It takes security awareness training to the next level by not only performing the training, but then measuring it's effectiveness. The Security Culture Conference is a result of that idea. It brings the brightest minds in security and gives them a platform to share ideas on the security culture in an organization. The conferences is June 14 - 15 in Oslo, Norway.

EIS listeners can get a discount on an admission ticket by entering promo code: PVCSEC

In part two we focus on the Security Culture Framework:

  • Why you should attend the conference
  • What was the motivation for the conference?
  • The type of content people can expect
  • The activities attendees can expect while attending the conference

What is the Security Culture Conference? - Part 1

In this relationship building episode of the Exploring Information Security podcast, I explore what is the Security Culture Conference in Oslo, Norway, June 14 - 15, 2015 with the creator of the Security Culture Framework Kai Roer.

Kai (@kairoer), is a speaker, trainer, consultant, and the creator of the Security Culture Framework (SCF). The framework deals with embedding a security mindset into the entire organization. It takes security awareness training to the next level by not only performing the training, but then measuring it's effectiveness. The Security Culture Conference is a result of that idea. It brings the brightest minds in security and gives them a platform to share ideas on the security culture in an organization. The conferences is June 14 - 15 in Oslo, Norway.

EIS listeners can get a discount on an admission ticket by entering promo code: PVCSEC

In part one we focus on the Security Culture Framework:

  • What is the Security Culture Framework
  • How it's applied to an organization
  • The four items of success
  • Metrics used to measure security culture

More Resources

What is a CISSP?

In this certifiably awesome episode of the Exploring Information Security podcast, I explore what a Certified Information Systems Security Professional with Javvad Malik.

Javvad Malik (@J4vv4d) doesn't need much introduction. He's done a video on the benefits of being a CISSP. He's also done a music video with his Host Unknown crew on the CISSP. There's also The CISSP companion handbook he wrote. which has a collection of stories and experiences dealing with the 10 domains of the CISSP. Check out his website at j4vv4d.com and his YouTube channel.

In this episode we discuss:

  • What is a CISSP?
  • What is the value of having a CISSP?
  • Who should get the CISSP?
  • The nuances of the certification test (pay attention to the questions)

More resources:

What is the problem we're trying to solve?

In this catalyst episode of the Exploring Information Security podcast, I explore the question, "What is the problem we're trying to solve" with Michael Santarcangelo.

Michael Santarcangelo, AKA The @catalyst, joins me to explain why answering the question is key to better security. The question, "What is the problem we're trying to solve" is the first step in identifying whether or not the problem at hand is worth addressing at this time. Essentially, is this what we should be working on right now and what will this gain us. This is a question to be answered by leadership. Michael has two decades of experience in security and working at the executive level. He's a regular on the Security Weekly and Down the Security Rabbithole podcasts. He's also launching his new program Straight Talk on Security.

In this episode we discuss:

  • What does the question mean?
  • Risk catnip
  • Why is the question important?
  • How to answer the question
  • The three perspectives of the quesiton

What is OSINT - Part 2

In this don't give a beep episode of the Exploring Information Security Podcast, I find out what OSINT is from OSINT master Tazz.

My first interaction with Tazz (@GRC_Ninja), was at CircleCityCon. I quickly became aware that if I got out of line at the conference Tazz was very likely to be the one to put me in my place. I also ran into her at DerbyCon where she kept people in line while waiting for talks to start. She also happens to be a speaker and this past year presented, "ZOMG Its OSINT Heaven" at BSides Las Vegas. Which is how I became aware that Tazz knew her stuff when it came to OSINT. She also writes about OSINT on her blog osint.fail. All of these interactions prompted me to have her on for a discussion on what is OSINT.

In part 2 we discuss:

  • Why OSINT is important
  • The skills needed to perform OSINT
  • The tools used for OSINT

More Resources:

What is OSINT? - Part 1

In this don't give a beep episode of the Exploring Information Security Podcast, I find out what OSINT is from OSINT master Tazz.

My first interaction with Tazz (@GRC_Ninja), was at CircleCityCon. I quickly became aware that if I got out of line at the conference Tazz was very likely to be the one to put me in my place. I also ran into her at DerbyCon where she kept people in line while waiting for talks to start. She also happens to be a speaker and this past year presented, "ZOMG Its OSINT Heaven" at BSides Las Vegas. Which is how I became aware that Tazz knew her stuff when it came to OSINT. She also writes about OSINT on her blog osint.fail. All of these interactions prompted me to have her on for a discussion on what is OSINT.

In part 1 we discuss:

  • What is OSINT
  • The methodology for OSINT

How to build a SOC - Part 3

In this SOC it to me edition of the Exploring Information Security Podcast, I talk with Paul Jorgensen of IBM to figure out how to build a SOC.

Fellow co-host of the PVC Security podcast, Paul (@prjorgensen) spends most of his day thinking about socks. Once he's decided on a pair, he goes out into the world to help organizations build a SOC or security operations center. He's got extensive knowledge of how to put one together and that showed in the recording. For the first time in EIS history, we have a three part series.

In part 3 we discuss:

  • What's after step one
  • Resources for building a SOC

How to build a SOC - Part 2

In this SOC it to me edition of the Exploring Information Security Podcast, I talk with Paul Jorgensen of IBM to figure out how to build a SOC.

Fellow co-host of the PVC Security podcast, Paul (@prjorgensen) spends most of his day thinking about socks. Once he's decided on a pair, he goes out into the world to help organizations build a SOC or security operations center. He's got extensive knowledge of how to put one together and that showed in the recording. For the first time in EIS history, we have a three part series.

In part 1 we discuss:

  • How to quantify the value of a SOC
  • The first step in building a SOC

How to build a SOC - Part 1

In this SOC it to me edition of the Exploring Information Security Podcast, I talk with Paul Jorgensen of IBM to figure out how to build a SOC.

Fellow co-host of the PVC Security podcast, Paul (@prjorgensen) spends most of his day thinking about socks. Once he's decided on a pair, he goes out into the world to help organizations build a SOC or security operations center. He's got extensive knowledge of how to put one together and that showed in the recording. For the first time in EIS history, we have a three part series.

In part 1 we discuss:

  • We define what a SOC is
  • We discuss it's structure
  • What skills are needed for a SOC

What is a SIEM?

In this most excellent edition of the Exploring Information Security podcast, I talk with Derek Thomas a senior information security analyst specializing in log management and SIEM on the topic of: "What is a SIEM?"

Derek (@dth0m) has a lot of experience with SIEM and can be found on Linkedin participating in discussions on the technology. I had the opportunity to hang out with Derek at DerbyCon in 2015 and I came away impressed with his knowledge of SIEM. He seemed to be very passionate about the subject and that showed in this interview.

In this episode, we discuss:

  • How to pronounce SIEM
  • What is a SIEM
  • How to use a SIEM
  • The biggest challenge using a SIEM
  • How to tune the SIEM
  • Use cases, use cases, use cases.

More Resources:

How to apply network security monitoring

In this most excellent edition of the Exploring Information Security, I talk with author Chris Sanders about how to apply network security monitoring to an organization.

Chris (@chrissanders88) is the co-author, along with Jason Smith, of Applied Network Security Monitoring: Collection, Detection, and Analysis. I recently finished the book and found it a valuable book for those operating within a SOC or those looking to start network security monitoring. Chris and Jason walk through the basics of network security monitoring including low-cost tools, snort, and how to investigate incidents. I highly recommend the book for those wanting to learn more about network security monitoring.

Before I get to what was discussed in the podcast, I want to make special mention of a cause Chris is very passionate about. The Rural Technology Fund, which strives to, "reduce the digital divide between rural and non-rural communities." The organization tries to get funding for kids in rural areas who might not have the resources available to explore technology fields. I love this idea and think it's a great idea, especially with all the talent shortage talk lately.

In this episode, we discuss:

  • What is network security monitoring (NSM)
  • What is needed for implementing NSM
  • Steps on how it should be applied.
  • How to tune after everything is up and running.

More Resources:

What is data driven security?

In this statistically-inclined edition for the Exploring Information Security podcast, I talk with Bob Rudis co-author of Data Driven Security to answer the questions: "What is data driven security?"

I recently read Data Driven Security: Analysis, Visualization and Dashboards by Jay Jacobs (@jayjacobs) and Bob Rudis (@hrbrmstr). The book is easy to read and a very good introduction into the world of data and security. Both Jay and Bob were kind with their time when I had questions about exercises in the books. After reading the book I decided to have Bob on to talk more about data driven security. 

Bob Rudis is also a contributor to the Verizon DBIR and these projects below:

In this episode we discuss:

  • What is data driven security?
  • The benefits of data driven security
  • How it should be implemented
  • Where it can be applied

Bob also gave me a long list of resources for those looking to get into data-driven security:

What is application security?

In this tenacious edition of the Exploring Information Security podcast, I talk with Frank Catucci of Qualys as we answer the questions: "What is application security?"

Frank (@en0fmc) has a lot of experience with application security. His current role is the director for web application security and product management at Qualys.  He's also the chapter leader for OWASP Columbia, SC. He lives and breathes application security.

In this episode we discuss:

  • What is applications security?
  • Why is application security important?
  • Where application security should be integrated
  • Resources for getting into application security