Sunday, August 9, 2015

2015-034: SANS Top20 Security Controls #9 - CTFs - Derbycon dicsussion

End User training.  Lots of companies have need of regular security training. Many treat it as a checkbox for compliance requirements, once a year.  With the way training is carried out in many organizations, is it any wonder why phishing emails still get clicked, passwords still get compronised, and sensitive infomation is still leaked.

We discuss methods to make training more effective, and how to make people want to do training.

Finally, we dicsuss Capture-The-Flag competitions, and why it would behoove blue team people to attempt them. They become a great barometer for understanding your shortcomings, and what you as a blue teamer might need to study up on...

Here is a new episode of Brakeing Down Security!

No comments: