AH (@anhuisec)'s Twitter Profile
AH

@anhuisec

0x41 0x48 | #threatdetection #siem #cloudsec #soc

ID: 1307222910604652547

19-09-2020 07:40:12

37 Tweet

10 Followers

402 Following

Rami McCarthy (@ramimacisabird)

🪣"practical guidance for your AWS security program": ramimac.me/s3-logging 🪣 This time, we're tackling S3 Logging! As one of the foundational services, I expected "best practices for s3 logging" to be well established. I was disappointed ...

Wiz (@wiz_io)

Up for a challenge? 👀 We're launching the "Big IAM Challenge" by Nir Ohfeld & Shir! Real-world #AWS scenarios, ready-to-go CLI, no downloads. Compete, climb the leaderboard, earn your triumph 🏆 Ready? Dive in! 👇 wiz.io/blog/the-big-i…

Jack (@jack_naglieri)

Building a SIEM that accommodates the unique needs of many teams is challenging, and our latest launch accepts this challenge head-on while staying true to what makes us different! We are introducing 1⃣ Simpler Detections-as-code and 2⃣Cost Efficiency in Logging🧵#SIEM #infosec

Jake Williams (@malwarejake)

If you're starting out in security and find the breadth of stuff you "need to know" daunting, I want to give you some perspective: 1. The field has broadened - dramatically. The "baseline knowledge" grows every year. Anyone saying otherwise is lying or uninformed. 1/

Nick Frichette (@frichette_n)

I'm not a fan of calling people/companies out for mistakes but I am pretty stunned at a factual error from a training I'm taking on AWS Security. "Now, the key difference here that I wanna make sure is understood is the Principal field that's highlighted..." 1/x

CardinalOps (@cardinalops)

Enterprise SIEMs Miss 76% of all MITRE ATT&CK Techniques Used by Adversaries CardinalOps’ 3rd annual report analyzes data collected from production SIEMs to understand SOC preparedness and #MITRE ATT&CK coverage. Download here: hubs.li/Q01VXqxj0 #SIEM #infosec #SecOps

~billswearingen☎️# 🟩 (@hevnsnt)

For too long Incident Response has relied on industry experience, consultants, or 4000 page compliance frameworks that are too hard to digest. I am going to fix this. I am writing a fully open-source "Awesome Incident Response guide". github.com/hevnsnt/Awesom…

Jon Hencinski (@jhencinski)

20 tips for aspiring #SOC analysts. TL;DR - Candor, curiosity, passion for learning, humility, leading with empathy and being a good teammate can take you very far. 1. Candor is a strength, not a weakness. It’s OK to admit you don’t know. Learning what you don’t know is a gift,

Mehmet Ergene (@cyb3rmonk)

SOC analysts, How do you make sure an alert is a false positive? How confident are you when making the false positive decision? What makes you more confident or provides confidence? #DFIR

Dr. Anton Chuvakin (@anton_chuvakin)

OK, so a weird one. Imagine you inherited a production public cloud environment built and deployed by somebody with total lack of security clue. Like they can't even spell "IAM" or smth. Now it is your job to secure it. What is the #1 thing you do? #fun #random #CloudSecurity

Jon Hencinski (@jhencinski)

Jamie Levy🦉 I ran a large D&R function for an MDR, and I'll offer some insights from that experience. When the SOC identified an incident at a customer site and our investigation revealed a missed detection due to flawed logic or identified a new technique for detection, we linked D&R

DEATHCon (@deathcon2025)

First round of workshops announced for DEATHCon: deathcon.io/workshops.html More workshops that were submitted will be posted soon, and the next round will be chosen on July 1, so there’s still time to get your submission in!

DEATHCon (@deathcon2025)

Exciting news! There will be an in-person location to participate in DEATHCon in Amsterdam this year! Tickets 🎟️ will be available to last year’s attendees on July 1, and generally available on 7/7