Saturday, July 25, 2015

2015-032: Incident response, effective communication, and DerbyCon Contest


In an incident response, clear communication is key to managing the incident effectively. This week, we had Mick Douglas, DFIR instructor at SANS, and Jarrod Frates, a pentester at InGuardians who has great experience handling incidents. Find out about some of the roles in an incident response (the Shadow, the event coordinator, the lead tech), and why companies should have an IR plan that handles various 'incident severities'.

Jarrod updates us on "TheLab.ms" and how you might like to help them! 

Finally, we are holding a contest to win a ticket to DerbyCon; full instructions are below. We are giving away two tickets.

DerbyCon 1st Ticket contest expires 31 July 2015. 

 

1. To enter for a ticket to DerbyCon:

a. A donation must be made to Hackers for Charity (http://www.hackersforcharity.org/)

b. Once the donation is made, email the receipt for your donation to bds.podcast@gmail.com

c. If you win: We will contact you at the email address you sent the receipt from with our contact information. You will need to contact us when you get to DerbyCon, as we will not send you the ticket directly. You will also be responsible for airfare and accommodations at DerbyCon.


Here is a new episode of Brakeing Down Security!

Friday, July 17, 2015

2015-031: Fab and Megan-High_Math-Psychology_and Scarves


Strap yourselves in, ladies and gentlemen. With Mr. Boettcher gone on "vacation" this week, I needed some help with the podcast, and boy did we pick a doozy. If you're a fan of Turing-complete algorithms (and frankly, who isn't? ;) ), we had Ms. Fabienne Serrière (@fbz) and Ms. Magen Wu (@tottenkoph), who discuss higher-order math and psychology on our podcast this week.

We also discuss a little project management and even talk about why proper survey sizes and getting a good cross-section is important.

 

Be sure to pick up one of Ms. Fbz's scarves, especially if you're a math nut, and 

Elementary Cellular Automaton : http://mathworld.wolfram.com/ElementaryCellularAutomaton.html

Turing Complete:  https://en.wikipedia.org/wiki/Turing_completeness

Sierpinski Triangle: https://en.wikipedia.org/wiki/Sierpinski_triangle

Chomsky Hierarchy: https://en.wikipedia.org/wiki/Chomsky_hierarchy

Hammer/LangSec: https://github.com/UpstandingHackers/hammer

Sergey Bratus: http://www.cs.dartmouth.edu/~sergey/

Stego Hats: http://www.ravelry.com/projects/fbz/pseudo-random-reversible-hat

SeaSec East: http://www.meetup.com/SEASec-East/



Sunday, July 12, 2015

2015-030: Bsides Austin panel Discussion (Red Team vs. Blue Team)


My podcast co-host Brian Boettcher, along with Kate Brew, an Austin, TX-based security blogger, headed up this panel called "Red Team Vs. Blue Team". The idea was to ask people from various sides of the aisles (attackers and defenders)

Infosec heavyweights like Kevin Johnson (@secureideas), Mano Paul (@manopaul), and Josh Sokol (@joshSokol) made this a very excellent podcast...

 

We hope you enjoy!



Sunday, July 5, 2015

2015-029: Big Brown cloud honeyblog with @theroxyd


Roxy, whom we interviewed a few months ago on our podcast about hackerspaces, is back with us this week to discuss a project she is working on, called 'Big Brown Cloud'. If you've ever wanted to set up your own fake blog and send people to it to gain information on possible attacks, you've come to the right place.

 

We also get an update on the hackerspace that Jarrod, Sean, and Roxy were getting set up a few months ago. They've come a long way, and they are about to move into their new facility.

https://thelab.ms/



Sunday, June 28, 2015

2015-028: using log analytics to discover Windows malware artifacts


In this podcast, you'll learn about:

Log analytics software that can be used to parse system logs for nasty malware

Detecting malware artifacts

Learning about Windows directory locations

Looking for indicators like packing, changed hashes, etc.

Tips for capturing malware using tools like RoboCopy

What code caves are and how malware hides inside them (http://www.codeproject.com/Articles/20240/The-Beginners-Guide-to-Codecaves)

 

SANS DFIR poster - https://www.sans.org/security-resources/posters/windows-forensics-evidence-of-75 



Sunday, June 21, 2015

2015-027- detecting malware in Windows Systems with Michael Gough


Michael Gough joined us again to discuss malware detection techniques on Windows systems. We talk about how you can modify PowerShell's defaults to allow for better logging. Also, we find out about some hidden gems that are pretty much guaranteed to let you know that you've been infiltrated.

Stay for the PowerShell security education, and you'll also learn some new terminology, like "Malware Archaeology", "Malwarians", and "Log-aholic", to name a few...



Sunday, June 14, 2015

2015-026- Cloud Security discussion with FireHost


This week, we discuss various methods of enabling companies to move applications to cloud-based platforms.

We discuss containers, like Docker, and how various hosting services handle converting businesses from traditional data centers to a secure, cloud-based entity.

We even discuss securing the data in the cloud and preventing access to it, both by bad guys and by the cloud provider itself, which can be served with a subpoena to hand over data.

Brakeing Down Security would like to thank FireHost for allowing Chase and Mike to join us.

