5 Things We Are Going to Continue to Ignore in 2025
In this video, John Strand discusses the complexities and challenges of penetration testing, emphasizing that it goes beyond just finding and exploiting vulnerabilities.
John Strand’s 5 Phase Plan For Starting in Computer Security
This article was originally published in the SOC Issue of our PROMPT# zine, which you can read for free HERE. The information was adapted from the 2018 webcast “John Strand’s […]
Questions From a Beginner Threat Hunter
Answered by Chris Brenton of Active Countermeasures | Questions compiled from the infosec community by Shelby Perry This article was originally published in the Threat Hunting issue of our infosec […]
GRC for Security Managers: From Checklists to Influence
This webcast was originally aired on January 16, 2025. In this video, Kelli K. Tarala and CJ Cox discuss the challenges and strategies for improving governance, risk, and compliance (GRC) […]
AI Large Language Models and Supervised Fine Tuning
This blog post is aimed at the intermediate level learner in the fields of data science and artificial intelligence. If you would like to read up on some fundamentals, here […]
Attack Tactics 9: Shadow Creds for PrivEsc w/ Kent & Jordan
In this video, Kent Ickler and Jordan Drysdale discuss Attack Tactics 9: Shadow Credentials for Primaries, focusing on a specific technique used in penetration testing services at Black Hills Information Security
One Active Directory Account Can Be Your Best Early Warning
Here we go again, discussing Active Directory, hacking, and detection engineering. tl;dr: One AD account can provide you with three detections that if implemented properly will catch common adversarial activities […]
Introduction to Zeek Log Analysis
In this video, Troy Wojewoda discusses the intricacies of Zeek log analysis, focusing on how this network security monitoring system can be used to understand traffic and analyze logs effectively.
Indecent Exposure: Your Secrets are Showing
by moth Hard-coded cryptographic secrets? In my commercially purchased, closed-source software? It’s more likely than you think. Like, a lot more likely. This blog post details a true story of […]