OpenSecurity.global
Jack Whitter-Jones

What's Everyone Working On?

Policy changes, tooling, and controls to get to ISO27k next year.

NSM, VMP, hardening endpoints, bringing web proxy in-house, bringing email filtering in-house, extending phishing reporting to IR and SOAR

  • Like 1

Interested in this, @james mckinlay. Why are you bringing filtering in-house? Regulatory? Or lack of efficacy of providers?

Our email filtering is already run from in-house but I’m moving away from Microsoft ATP.

Edited by Ian Chisholm

10 hours ago, Ian Chisholm said:

Interested in this, @james mckinlay. Why are you bringing filtering in-house? Regulatory? Or lack of efficacy of providers?

Our email filtering is already run from in-house but I’m moving away from Microsoft ATP.

Can do it better, cheaper, with more control in-house - that's not the case for everyone - but it is the case for me.

  • Like 1

Trying to put together a generic ransomware killchain with example TTPs and high- and low-fidelity detections for each phase in the chain. This is mostly to document all the good things we're doing wrt ransomware at my employer, and to justify deploying a few extra detections that got shot down in the past.

  • Like 1

Looking into how to efficiently use diffing for source code reviews. If anyone has any good tools or processes other than git clone && git show that they use, let me know!

6 hours ago, RT Hatfield said:

Trying to put together a generic ransomware killchain with example TTPs and high- and low-fidelity detections for each phase in the chain. This is mostly to document all the good things we're doing wrt ransomware at my employer, and to justify deploying a few extra detections that got shot down in the past.

Have you tried these two?

https://blog.savagesec.com/minimizing-ransomware-risk-with-fsrm-847d70f6212b

https://fsrm.experiant.ca/

On 8/3/2019 at 9:01 AM, Jack Whitter-Jones said:

What are you all working on at the minute?

Getting offsec to accept me onto OSCE - such a mess these days, think they've grown too big to actually care - CX!=VG

  • Like 1
