Carlton Brewster, CISSP, CEH, B.Sc

[New Webinar] Reclassification Update: OMB Requests Input for SOC Revision. 7/17 at 2 pm ET. Today OMB announced the beginning of a multi-year process to revise the Standard Occupational Classification. Through this process, OMB will consider whether to change the classification of public safety telecommunicators from the administrative/clerical category to the category for Protective Service Occupations. Join us on July 17 for a webinar to explain APCO’s strategy for providing input to OMB, how this effort relates to the 9-1-1 SAVES Act and what you can do to help ensure that OMB finally corrects this outdated classification. https://lnkd.in/ekhmW5am

11

SOC Interview Questions. Explaining an interviewer about SSL Handshake. #cybersecurity #securityanalysts #cyberterminologies#securityoperations#securitybasics

5

2 Comments

Master SOC Interview Skills with Role-Playing! 🚀 Want to excel in your SOC Analyst interviews? Learn how to effectively practice incident response and threat hunting through role-playing exercises. Our comprehensive guide, "SOC Interview Role-Playing: Practicing Incident Response and Threat Hunting," provides step-by-step insights to help you stand out. Visit our website : https://lnkd.in/dAhSFBTq Share this valuable resource with your network and let’s elevate our cybersecurity skills together. We’d love to hear your thoughts and experiences—drop a comment below! #CyberSecurity #SOCAnalyst #IncidentResponse #ThreatHunting #CareerGrowth #IndianCyberSecuritySolutions #InterviewPreparation

21

2 Comments

If you haven't downloaded our ebook, "Offense + Defense = Complete Cybersecurity," get your complimentary copy here. You'll learn what's missing from your current cybersecurity strategy, and how any security team can fill the gaps fast. What's next for your cybersecurity? Our ebook has the answer. https://hubs.ly/Q02QfM9n0 #cybersecurity #ebook #offensivesecurity

7

#DOYOUKNOWCVE CISA added CVE-2024-29824 to the Known Exploited Vulnerabilities (KEV) catalog! CVE-2024-29824: Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability. It allows attackers to manipulate database queries, potentially leading to unauthorized access or data modification. Stay vigilant and Patch immediately! Learn more from the LOVI platform: https://lnkd.in/dShfN_D6 #CVE #CISA #Ivanti #SQLInjection #Activelyexploited #POC #LOVI

18

📣 CMMC Program Final Rule Published 📣 The final program rule for the Cybersecurity Maturity Model Certification (CMMC) Program was published in the Federal Register recently. The key takeaways include: -There are 110 identifiable and applicable security requirements specified in the new NIST SP 800-171. -Firms in the DoD supply chain are now required to provide adequate security on all contractor information systems. For example, defense contractors must confirm that any Cloud Service Providers (CSPs) used by the contractor to handle CUI meet Federal Risk and Authorization Management Program (FedRAMP) Moderate Baseline or the equivalent requirements. It also requires defense contractors to flow down all the requirements to their subcontractors who process, store, or transmit CUI. -NIST SP 800-171 has 3 levels of certification. Level 1, which is self-certified. Level 2 now has 2 separate classifications for certification including a self-certification option and a C3PAO option. For you Star Wars buffs, that is not a typo. It stands for CMMC 3rd Party Assessment Organizations. These are similar to ISO or SOC2 compliance audit agencies. The final level, Level 3 will require DoD certification. -Understanding your contractual requirements based on your defense partnership will mandate the level of certification required, and your obligations to the security, management and accountability your organization will require. Full Ruling here: https://hubs.ly/Q02Wk45N0 With risks and requirements changing quickly, it's hard to know how to ensure your compliance. SkyTerra is here to help, book a meeting with our team to learn if these new rules affect your compliance: https://hubs.ly/Q02Wk2qj0

1

Curious about OSCP+ and recertification? Join OffSec on November 13 at 12:00 pm ET for an interactive webinar with OffSec's Paul Griffin and Packetlabs' Denis Kucinic as they discuss: ✅ Why OSCP+ matters ✅ How it can help your career ✅ What hiring managers look for in certifications 📅 Save your spot here ->> https://lnkd.in/eSsVwqTe

40

4 Comments

📣 Four Items Open For Public Comment 1. Work Roles > Digital Evidence Analysis  > Insider Threat Analysis  > Operational Technology (OT) Cybersecurity Engineering  (Comments on the Work Roles are due by November 14,  2024) 2. Competency Area > Cyber Resiliency  (Comments on the Competency Area are due by November 14,  2024) Learn more: https://lnkd.in/emyxC4jR #Cybersecurity #CybersecurityEducation #CybersecurityWorkforce #CybersecurityTraining #WorkRole #CybersecurityWorkRoles

5

1 Comment

🚨 SECURITY ALERT: CVE-2024-9061 🚨 📝 CVE DETAILS: - 🆔 Vulnerability: CVE-2024-9061 - 📅 Publication Date: 2024-10-16 08:15:07 UTC - 🛡️ MITRE Tactics and Techniques: Tactics: - Tactic Name: Access Control: Limit system access to authorized users processes or devices. MITRE ATTCK ID: TA0004 - Tactic Name: Software and Data Integrity: Verify and maintain the integrity of software and data. MITRE ATTCK ID: TA0006 - Tactic Name: Security Assessment: Perform security assessments to identify vulnerabilities and weaknesses. MITRE ATTCK ID: TA0009 Techniques: - Technique Name: User Account Control: Configure operating systems and applications to enforce strong user account control policies. MITRE ATTCK ID: T1052 - Technique Name: Least Privilege: Adhere to the principle of least privilege granting users and processes only the necessary permissions to perform their tasks. MITRE ATTCK ID: T1057 - Technique Name: Input Validation: Implement input validation mechanisms to sanitize and validate user input preventing the execution of malicious code or commands. MITRE ATTCK ID: T1098 - Technique Name: Software Bill of Materials: Maintain a comprehensive inventory of software components and dependencies to facilitate vulnerability management and patching. MITRE ATTCK ID: T1580 - Technique Name: Vulnerability Scanning: Regularly scan systems and applications for known vulnerabilities using automated tools. MITRE ATTCK ID: T1590 - Technique Name: Security Testing: Conduct regular security testing including penetration testing and code reviews to identify and remediate vulnerabilities. MITRE ATTCK ID: T1601 - 🌐 References: https://lnkd.in/e8JqPnGH https://lnkd.in/ectxQE6i #CVE #CyberSecurity #InfoSec #Vulnerability #TechNews #AI #Automation

1

Just in - CISA publishes Encrypted DNS Implementation Guidance for Federal Agencies to enhance cybersecurity and protect sensitive data. Stay ahead of the curve with this important resource: https://lnkd.in/eMeN-uxt #cybersecurity #CISA #encryptedDNS

2

Cybersecurity is a constant battle. Learn how to proactively defend your organization against evolving threats using the MITRE ATT&CK framework. This presentation will discuss how ThreatNG aligns with MITRE ATT&CK to help you strengthen your defenses and mitigate risk. Discover how to: - Gain visibility into your external attack surface 🔍 - Identify and address vulnerabilities before they're exploited 🔒 - Detect and respond to threats at every stage of the attack lifecycle 🚨 - Safeguard your critical assets and sensitive data 💼 Want to learn more? Visit the following page to download our free mapping document: https://lnkd.in/ebxGC9PK #ASM #AttackSurface #AttackSurfaceManagement #Cybersecurity #CybersecurityAwareness #DigitalRiskProtection #DRP #EASM #ExposureManagement #ExternalAttackSurfaceManagement #CTEM  #ExternalAttackSurface #Security #Securityawareness #SecurityRatings #TPRM #VulnerabilityAssessment #MITREATTCK #ThreatIntelligence #CyberDefense #DataProtection #RiskManagement #CyberResilience #VulnerabilityManagement #CloudSecurity #Privacy

3

Learn active reconnaissance enumeration techniques with Chris Paul. Gather critical information during pentests, exploit vulnerabilities, and become an enumeration pro.

23

Master the Incident Response Process as a SOC Analyst! Want to excel in incident response and protect your organization from cyber threats? Check out our comprehensive guide on "Incident Response Process: A SOC Analyst's Guide." This step-by-step document is perfect for technical students and professionals looking to advance their skills in cybersecurity. Visit our website : https://lnkd.in/eFVaVDHW Share this valuable resource with your network and let’s help each other grow in our cybersecurity expertise. We’d love to hear your thoughts and experiences—drop a comment below! #CyberSecurity #SOCAnalyst #IncidentResponse #CareerGrowth #IndianCyberSecuritySolutions #ProfessionalDevelopment

19

3 Comments

😖 SOC Analyst #1: Tell me again, why don’t we store all of the observability and network logging data in the data lake? 😇 SOC Analyst #2: Well, that would be a lot of data to keep indefinitely! 🤦 SOC Analyst #1: Uh, yeah, duh. The IT Ops team has it though, it’s inside of Amazon OpenSearch Service. 😨 SOC Analyst #2: Don’t you need to know Lucene to get at the data? 🤓 SOC Analyst #3: Actually, I am pretty sure it is a domain specific language… 😆 SOC Manager: You’re both right, it can use either, or a graphical interface. 😠 SOC Analyst #1: Okay, that’s well and good, but we got off the SIEM and moved to the data lake and I feel we’re still missing stuff. I thought cheap storage was the reason to get off of the old SIEM?! 🤓 SOC Manager: Well, those things tend to equal out, we also have to be careful with our compute charges. 🤑 SOC Analyst #3: They always get you! 😮‍💨 SOC Analyst #1: Alright, fine, I’m here to do SecOps not to do FinOps…even if IT does give us access, I don’t miss having to search across a bunch of different indices and learn another query language. Ain’t no one got time for that! Any chance https://query.ai can help us dodge that bullet again? 😤 SOC Analyst #2: Hold on. [TYPES FURIOUSLY] Yes! They are working on an Amazon OpenSearch Service integration right now! No Lucene, no DSL, no one-index-at-a-time – just like they do it for our lake and our other tools! 😀 SOC Manager: Yes…says they will handle all of the query translation, and normalize the data in OCSF like everything else, so we can reuse a lot of our playbooks and automation content. 😍 SOC Analyst #1: LFG! I love OpenSearch Service and Query together. Nothing is beyond our reach! 😎 SOC Analyst #2: Based. Read more: https://hubs.ly/Q02Z3msP0 #opensearch #opensearchservice #loganalytics #elk #siem #federatedsearch #observability #aws

13

3 Comments