Skip Navigation
Almost nine gigabytes in size: Windows update 24H2 creates an undeletable cache file
  • Won't someone please think of the investors...!

  • 5th Circuit rules ISP should have terminated Internet users accused of piracy
  • I'm just glad they're still distracted with torrents...

  • 5th Circuit rules ISP should have terminated Internet users accused of piracy
  • rawdawg some torrents

    LOL! Did you spray 1's and 0's in their face when you were done?

  • Keep Tier-One Applications Out of Virtual Environments
  • Good comments.

    Do you think there's still a lot of traditional or legacy thinking in IT departments?

    Containers aren't new, neither is the idea of infrastructure as code, but the ability to redeploy a major application stack or even significant chunks of the enterprise with automation and the restoration of data is newer.

  • Keep Tier-One Applications Out of Virtual Environments
  • Lol, even in 2024 with free VPN/overlay solutions...they just won't stop public Internet exposure of control plane things...

  • Keep Tier-One Applications Out of Virtual Environments
  • Blank check

    Funny how that seems to often be the case. They need to see the consequences, not just be warned. An 'I told you so' moment...

  • Keep Tier-One Applications Out of Virtual Environments
  • Agreed.

    Dont we all use centralized management because there is cost and risk involved when we don't.

    More management complexity, missed systems, etc.

    So we're balancing risk vs operational costs.

    Makes sense to swap out virtual for container solutions or automation solutions for discussion.

  • Keep Tier-One Applications Out of Virtual Environments
  • Yeah, that's pretty risky for this point in time.

    I guess the MBA people look at total cost of revenue/reputation loss for things like ransomware recovery, restoration of backups vs the cost of making their IT systems resilient?

    Personally, I don't think so (in many cases) or they'd spend more money on planning/resilience.

  • Keep Tier-One Applications Out of Virtual Environments
  • Seems like your org has taken resilience and response planning seriously. I like it.

  • Keep Tier-One Applications Out of Virtual Environments
    www.darkreading.com Keep Tier-One Applications Out of Virtual Environments

    Crafty bad actors can infect all of an organization's virtual machines at once, rendering tier-one applications useless.

    Keep Tier-One Applications Out of Virtual Environments

    After reading this article, I had a few dissenting thoughts, maybe someone will provide their perspective?

    The article suggests not running critical workloads virtually based on a failure scenario of the hosting environment (such as ransomware on hypervisor).

    That does allow using the 'all your eggs in one basket' phrase, so I agree that running at least one instance of a service physically could be justified, but threat actors will be trying to time execution of attacks against both if possible. Adding complexity works both ways here.

    I don't really agree with the comments about not patching however. The premise that the physical workload or instance would be patched or updated more than the virtual one seems unrelated. A hesitance to patch systems is more about up time vs downtime vs breaking vs risk in my opinion.

    Is your organization running critical workloads virtual like anything else, combination physical and virtual, or combination of all previous plus cloud solutions (off prem)?

    35
    How to get police to enforce traffic laws?
  • I didn't know how much the sheriff has to do with impd department policy/culture. In a metro department, I think that's the chief of police, which I think is appointed?

    Probably badger the city council and your local reps.

  • AT&T sues Broadcom for refusing to renew perpetual license support
  • contract "options" are indeed normal. You could also lump in government contracts into the category your thinking about. I've never heard of a scenario where the vendor broke contract by not honoring the options. I also have never dealt with a vendor getting bought out and then not honoring existing contracts. Super fun to watch the corporate drama. I personally don't care for the private equity style business that seems to be an even bigger problem than the investor first/profit centric model that I thought was the worst thing.

  • What are You Working on Wednesday
  • I have been painstakingly laying the ground work for segmenting network into data center management plane, and future overlay networks for internal applications and dmz / public services.

    It would have been easy to burn the place down and start over...

  • What are You Working on Wednesday
  • Ever look at emby?

  • Question: What do you use for configuration management?

    I've seen companies do all sorts of home grown things.

    One uses a spreadsheet that is just the configuration row by row, they turn it I to text file and copy to startup, reload.

    I have used git servers to do the same thing, but with obvious change tracking history of git.

    What real or home grown things are you using?

    2
    Federal agencies ordered to halt voter registration services in Indiana
  • So, it's reasonable to assume they'd mostly have no need for a driver's license?

    What about the other things? How do you buy beer without a DL? I know broke people who still buy beer.

    I'm still having a hard time imaging not having one at all.

  • Federal agencies ordered to halt voter registration services in Indiana
  • I believe you might be right about that.

  • Federal agencies ordered to halt voter registration services in Indiana
  • How do all these poor people do everything else?

    How do they drive cars, buy cars, get paid, etc?

    I can understand dealing in all cash, but you can't legally drive cars with a DL. Is that racist? This logically means requiring motorists to have ID is racist and discrimination right?

  • Federal agencies ordered to halt voter registration services in Indiana
  • Can anyone prove definitely that corrupt politicians are trying to keep poor voters from voting?

    Still seems like an assertion that's a matter of opinion.

    Did anyone throw the same fit about driving cars? You have to take the same time off work and get all the same documents to do literally every other civil function: legally drive to work, open a bank account for direct deposit, get a credit card, get medical treatment, get insurance, file taxes, etc. You have to pay for transportation to the grocery store if you don't have a car.

    Why is just one political group making a fuss about it, which seems to be really focus on voting? You only vote once in a while. You do or use those other examples every day.

    I feel like a larger issue is just being exploited for political people to make victom statements.

    Why is voting less important to prove identity than buying alcohol?

    I'm not a citizen of this country. You're saying I can/should vote? That's illegal, but what stops me. I could do it a bunch of times too, I just go to different places.

  • Federal agencies ordered to halt voter registration services in Indiana
  • I get it, but I disagree. I don't it's about voting, I think it affects voting.

    I'd rather fix the poor problem than allow voter fraud.

    The fees for everything we need government services for, like getting a document is outrageous. Why the he'll do we pay taxes to fund government agencies local/state/etc and then still pay fees?

    That's double taxation. I think that's the real fight on poor people. That document fee is over some people's hourly wage, but yet it's required.

    That's about like having to be in debt in order to build credit. It all serves to take money from working class to wealthy.

  • Federal agencies ordered to halt voter registration services in Indiana
  • So when I read this, don't think: "Let's stop ID'ing people when they buy alcohol or weed" (someday), but instead I think: "Why aren't IDs free!?"

    If it's critical and a civil need to ID people for all sorts of valid reasons, then it should be free/tax funded.

    I'd rather tax money cover something like IDs than hear agreements about trying to restrict fraud. If you want to prevent voter fraud, eliminate reasons that allow the conditions to persist.

    Thanks for the read. I do t have an easy idea for the time. Indiana BMV was massively improved a while ago. Maybe we need more of that. There's probably no getting around taking the time to establish identity or dealing with stupid documents. We have to start somewhere.

    ...or the government records your DNA at birth, then we're good. - j/k, that would scare everyone into rage and riots 🙃

  • Question: Cisco SSL VPN or FlexVPN?

    Currently using an ISR4461x. Now 17.7+ supports ssl VPN.

    Should we learn flexvpn or do ssl VPN?

    2
    Firewall Schemes at Different Layers

    This is a network defense design scheme question.

    In a scenario where your organization is designing multi-layered firewall deployment and management, how granular  do you create rules at each of these three layers?

    Example site is a main/HQ site that also houses your data center (basic 3 tier model).

    1. Site has your main internet gateway and VPN termination point. As am example, it's a Cisco or other ZBF. It has four zones: (1) Internet, (2) VPNs from other sites/clients, (3) your corporate LAN including data center, (4) Guest/untrusted/Iot.

    2. Between your gateway and the rest of your corporate network/datacenter, you have transparent proxy firewall/IPS/monitor. It's bridging traffic between gateway and data center.

    3. Within data center, hosts have software host based firewalls, all centrally managed by management product.

    Questions:

    • How granular do you make ZBF policies at gateway? Limit it to broad zones, subnets, etc? Get granular by source/destination? Further granular by source/destination/port?

    • How granular do you make rules for transparent proxies between segments? Src/dst? Src/dst/port?

    • How granular do you make rules for host based firewalls? Src/dst? Src/dst/port? Src/dst/port/application/executable?

    • How have organizations you've worked for implemented these strategies?

    • Were they manageable vs effective?

    • Did the organization detect/prevent lateral movement if any unauthorized access happened?

    • What would you change about your organization's firewall related designs?

    1
    Technical Controls

    What sources of technical controls does your organization use?

    Do you base device/operating system configurations on:

    • CIS workbench?
    • NIST/STIG?
    • Microsoft best practice?
    • Google searches and 'that looks good'?

    How closely rigorously does your organization enforce change management for policies or settings?

    • Can you change GPOs/Linux/Network device settings as needed?
    • During maintenance window?
    • After a group meeting with code/change review and some sort of approval authority?
    3
    Implementing Least-Privilege Administrative Models
    learn.microsoft.com Implementing Least-Privilege Administrative Models

    Learn more about: Implementing Least-Privilege Administrative Models

    Implementing Least-Privilege Administrative Models

    Does anyone fully implement workstation and server logon restrictions, and priviledged access workstations (PAW) as prescribed by NIST/STIG/CIS?

    The URL is Microsoft's long description of the same concepts.

    Specifically from the above, there's a few things like:

    • Establishing asset/systems tiers (domain controllers or entire org compromise tier 0, moving towards less consequence in the event of system compromise)
    • Accounts with the Active Directory Domain Admins or equivalent are supposed to be blocked from logging into lower tier assets
    • Workstations that have access to log into these super sensitive assets like Domain controllers for management are considered PAWs, and are blocked from internet access, highly locked down, might have extra hoops or management plane assets are air gapped?

    Question:

    Does anyone actually do any of this at their organization?

    If so, to what degree?

    People hated red forest because it was a whole other set of infrastructure to baby sit.

    People hate air gapped systems because no remote access or work from home.

    The above doesn't work well with cloud, and as a result Microsoft (just as an example) pushed for the new hybrid PIM models replacing their old red forest concept.

    I'm just curious.

    2
    New billboards urge Indiana Democrats to take Republican ballots in May primary • Indiana Capital Chronicle

    I don't even know where to begin with some of the quotes in this article, good or bad.

    The topic of politics can be aggausting, but I wonder if there isn't merit to this idea?

    If we'll have republican local reps regardless based on trends, should people jump party and vote for more moderate candidates, if any exist?

    Even if you know your candidate isn't likely to win, do you vote them on principle to vote metrics and data, or do you vote for the lesser evil opponent, even if you feel dirty for it?

    I'm not taking or endorsing a side or suggesting anyone should, just curious. Pretend it's the opposite parties than Indiana if it helps thinking through it.

    0
    Ask the Midwest @midwest.social RedFox @infosec.pub
    What's going on with the Midwest politically?
    infosec.pub Log in - kbin.social

    Explore the Fediverse

    Log in - kbin.social

    My reason for posting this question is to get some perspective, since I don't live further west than Indiana.

    Indiana has a lot of conservative tendencies, usually opposes progressive policies, and a little old school bigotry in the form of religion based disagreement with people's life styles, like letter community.

    From an outsiders perspective, TX, OK, MO etc are even more extreme.

    This permalink above from a comment from a person referencing recently proposed legislation against letter community people specifically, though there's tons of examples of bigotry like the school principal getting sued for discrimination due to a kid's hair (black hair).

    We know Lemmy is a bit more populated with left than right thinkers, but regardless, what's going on in these western plains states? Is it as bad as it looks?

    Do you personally know some sweet old church ladies who 'hate the gays because they'll going to hell' or are there just more extreme law makers being elected that don't represent the majority?

    EDIT: tried to fix link to a conversation instead of a login page.

    23
    Asset and Vulnerability Scanning

    This is not an ad.

    Does anyone have experience with Tenable products?

    I'm interested in real world experience regarding:

    • cost
    • effectiveness
    • ease of use

    I'm playing with Tenable Security Center and Nessus Scanner. I'm early in the deployment, just looking for pointers and whether anyone has used it?

    What alternatives is your org using if not?

    Can you compare?

    Edit, if anyone is interested, I can post results and opinions here also.

    8
    Recommendations similar to Crema e Aroma - Whole Bean Coffee | Lavazza
    www.lavazzausa.com Crema e Aroma - Whole Bean Coffee | Lavazza

    Crema e Aroma is a whole bean coffee made from carefully selected Arabica and Robusta beans. It's a creamy coffee ideal for your milk-based recipes and preparations.

    I like this bean. It's smooth, and I usually like roasts with chocolate notes.

    I'm also cheap. This is around .50 cents US per once.

    Do you have a favorite bean that's medium/smooth, and also in the .50 range that can be ordered online?

    My local roasters are all around a dollar per once and I haven't found anything that was so good, I couldn't go back to this for half the cost, so I do them as a special occasion.

    5
    Museum behind ladies-only art exhibit sued by man who was denied entry - National | Globalnews.ca
    globalnews.ca Museum behind ladies-only art exhibit sued by man who was denied entry - National | Globalnews.ca

    Artist Kirsha Kaechele arrived at the Tasmania courtroom alongside 25 women dressed in navy business attire, all of whom made a show of reading feminist texts in the courtroom.

    Museum behind ladies-only art exhibit sued by man who was denied entry - National | Globalnews.ca

    Not sure if this was already posted.

    The article describes the referenced court case, and the artist's views and intentions.

    Personally, I both loved and hated the idea at first. The more I think about it, the more I find it valuable in some way.

    132
    Should students have cellphones in class? Indiana just said no — with a few exceptions
    www.wishtv.com Should students have cellphones in class? Indiana just said no — with a few exceptions

    Indiana students will need to put their phones away during class under a law that requires districts to ban communication devices from class.

    Should students have cellphones in class? Indiana just said no — with a few exceptions

    Indiana just passed legislation to require schools to ban phones.

    They permit them for health reasons, emergencies, when part of lesson, and when part of a formal plan.

    I personally don't like the idea of schools requiring locking them up. What would you do in that emergency they mentioned?

    Why should kids not be able to use them at lunch?

    If you want to control your kid's phone time, there's already apps for that.

    Edit: additional comment from a teacher: she said the phone restrictions aren't going to be as effective as one would think with all the kids having watches with data plans. Dude...

    0
    Security Technical Implementation Guides (STIGs) – DoD Cyber Exchange

    For anyone interested in compliance and hardening, here's some links to the DOD/US GOV standards for information systems. This information is available to the public.

    Security Technical Implementation Guides (STIGs)

    This is a document that has recommended settings, methods, etc to make a product the most secure it can reasonably be. STIGs break things or turn off features people might be accustomed to. You have to do testing and figure out how to either make something work with STIG settings applied, or do exceptions. These are similar to Internet Security (CIS) Benchmarks.

    STIG Viewer

    The STIG viewer is a Java app that basically makes the list into a checklist where you can track applying settings.

    SCAP

    Going farther with automation, Security Content Automation Protocol (SCAP) can be used to conduct automated checked against systems to determine compliance with a setting. Install the SCAP tool, load the automated checks into it, and then take the results from SCAP tool and import them into the STIG viewer. It will knock out anything that could be checked automatically. The remaining checks would be things that are manually checked.

    Compare

    Here's a good article that compares STIGs and CIS benchmarks: https://nira.com/stig-vs-cis/#:~:text=The%20Center%20for%20Internet%20Security%20offers%20a%20tool%20similar%20to,robust%20than%20the%20STIG%20tool.

    Download STIGs for products: https://public.cyber.mil/stigs/downloads/

    STIG Viewer: https://public.cyber.mil/stigs/srg-stig-tools/

    Security Content Automation Protocol (SCAP) content: https://public.cyber.mil/stigs/scap/

    https://public.cyber.mil/stigs/supplemental-automation-content/

    2
    Podcast: 7 Minute Security
    7minsec.com Podcast

    The 7 Minute Security Podcast What is it?The 7 Minute Security podcast is a weekly audio podcast (show notes are here) that started with 7-minute episodes - though they're typically much longer now :-) - and features some of our favorite security topics:Penetration testingVulnerability assessment...

    For anyone who's interested in pen. testing, there's a business from MN that does a podcast where the host and business owner, Brian, talks about doing tests, tells stories, and is generally goofy.

    Brian made a podcast intro song, kinda funny. He talks about testing successes, tips for security, personal things, and running the business. They do live streaming where they sometimes get into the weeds and teach some techniques.

    (I am not affiliated with 7 Minute Security, just enjoy the podcast/learning)

    4
    Open Source IDS - Security Onion 2.4

    For anyone who's interested in IDS, this is a product that's open source, with support.

    It can be run as a single standalone, but it's meant to be run tiered, where you can deploy sensors doing packet capture, analysis, which gets sent to a central manager, and then can be retained in search nodes.

    It's incredibly powerful, just have to be willing to learn how to tune it.

    https://docs.securityonion.net/en/2.4/ https://blog.securityonion.net/

    I am not affiliated with the product, just a user of it. I like it.

    0
    United States | News & Politics @lemmy.ml RedFox @infosec.pub
    Inside the Black business boom that’s reshaping America's economic landscape & Opinion Discussion
    fortune.com Inside the Black business boom that’s reshaping America's economic landscape

    Consumers should intentionally seek out and support Black-owned businesses, not just during Black History Month or on Juneteenth, but all year long.

    Inside the Black business boom that’s reshaping America's economic landscape

    The article discusses business successes by entrepreneurs, and outlines the realities of obtaining financing for these businesses.

    > Black-owned businesses in the U.S. are major contributors to the economy, generating $206 billion in annual revenue and supporting 3.56 million U.S. jobs. Many of these businesses are federal contractors and many more are in a good position to become contractors.

    > Black entrepreneurs apply for business loans at a higher rate, yet we are receiving funding at a much lower rate compared to white entrepreneurs. Studies show that Black entrepreneurs are three times more likely than white entrepreneurs to report that access to financial capital negatively impacts their profits.

    Discussion:

    Businesses and government are making efforts to roll back DEI, which naturally leaves people imagining we might lose gains made for minorities and opportunity.

    Large efforts have been over the years to legislate fairness by making discrimination illegal (effectiveness questionable since we felt like DEI was needed), then tried to legislate including people based on their gender/race/etc.

    The DEI ideas were attacked asserting it shifts from qualifications to a person's physical properties.

    • Why can't we eliminate gender and racial aspects of applications for things like education, financial support, employment, etc? (Yes, people's names convey some of this)

    • What potential efforts could we make that isn't focused on meeting quotas that continues to put people into boxes based on their physical properties and assess true potential?

    2
    Indiana House Bill 202: I'm a professor. Indiana's progressive colleges stifle debate.
    www.indystar.com I'm a professor. Indiana's progressive colleges stifle debate.

    The Indiana General Assembly is right to scrutinize progressive colleges, columnist Michael Hicks writes.

    I'm a professor. Indiana's progressive colleges stifle debate.

    Indiana's legislature is getting involved in higher education. Your world view will likely inform whether you think that's good or bad. I can't think of many instances where it's good.

    Edit: This post isn't an endorsement of the measure, there are more opposition articles below.

    I'll include quotes from the posted article, and include a couple of other related opposition articles.

    > Indeed, from what I’ve seen, not a single professor or administrator who testified on this bill admitted a lack of ideological diversity in higher education. That is troubling and, at best, reveals an unhealthy institutional blind spot. There are other perspectives.

    > Today, American public universities are among the least ideologically diverse institutions in the world. Indiana is no exception. I am certain there is more ideological diversity in a typical infantry platoon than would be found at any public university.

    > Let me be clear by what I mean about ideology. I teach Karl Marx to first year students. That isn’t indoctrination. Likewise, a biology professor should ignore public opinion on evolution or photosynthesis. Our research and teaching should pursue and reflect truth, no matter the distress it causes. I am not referring to party affiliation or support for a particular candidate. By ideological imbalance, I mean there is an artificial closed-mindedness that stifles debate, isolates important perspectives and diminishes the richness of a college education.

    > One clear example comes from a Ball State University colleague who attended a brainstorming session on how to convince more faculty to live near the university. He suggested that highlighting the many high quality local schools would help attract new faculty. Most normal folks view this as self-evident. Yet, this professor was scolded by a senior university administrator, who said the university would not discuss that because “concern about school quality is white privilege.”

    Opposition articles:

    https://www.indystar.com/story/news/2024/02/26/senate-bill-202-receives-pushback-public-universities-indiana-purdue-ball-state-general-assembly/72743950007/

    > “If you’re saying that you want to be able to fire faculty for not promoting intellectual diversity, it’s basically giving a gag order to them to say: ‘Don’t upset students. Don't challenge them, or we might have to fire you,'” Erickson said.

    > While Purdue has not yet made a formal statement, their faculty-led Senate released a statement claiming the bill poses a near-existential threat to faculty tenure, making retaining and recruiting faculty harder and potentially eroding academic freedom.

    > Ball State's University Faculty Council chimed in as well in a statement condemning the bill and rejecting "the provisions in SB 202 which grant the Board of Trustees oversight of intellectual diversity on campus."

    https://www.indystar.com/story/news/politics/2024/02/29/indiana-senate-bill-202-universities-purdue-deery-tenure-expression-holcomb/72780178007/

    > House Democrats for the last several weeks have railed on the bill in the chamber's education committee and on the House floor arguing against the premise that Indiana universities need the free expression requirements.

    > Historical and contemporary examples of such purposefully diminished intellectual spaces abound: from Communist Party-controlled university curriculum in China, to routine dismissals of free-thinking faculty in Islamist-controlled universities in Iran, to countless suspensions, intimidations, and even forced migrations of academics at the behest of political strongmen in Russia, Turkey, Hungary, to countless other similar or worse cases across the globe.

    Discussion comments:

    First, it's very well known that no one likes American republicans, there's likely no need for party bashing/name calling since there's already tons of posts for that. Please keep party related comments in context on specific educational legislation trends if possible. One of the articles mentions US conservative students though, so it's still relevant.

    • Have you ever attended an educational institution that you felt scolded for expressing an ideological view? Examples: Political, economic, religious, etc? What were those views and how were they received?

    • Have you attended an educational institution where the course curriculum was heavily influenced by political ideology? What was it? What is the context of your region/locality's views and how did it align or differ from what you were being taught?

    • "Our research and teaching should pursue and reflect truth, no matter the distress it causes." Do you have any examples of teachings like this you received? Was it to your benefit or not?

    • Did you ever experience a professor in your higher education track teach heavily political view points, even in a class that was not related to politics (like Biology)? What about one's you identify with? Progressive, Liberal, Conservative?

    > “concern about school quality is white privilege.”

    • Do you believe that mentioning good schools in a community to attract talent is 'white privilege'?

    • Does that mean areas with good schools are for whites, and areas with bad schools are for underprivileged? Is this racial, or socioeconomic?

    • From your higher education experience, what institutional issues did you experience related to this article? Did you experience legislature interference? Did you experience faculty's personal views being reflected in your teaching? Did you get affirmation or rebuking of your original world view before education. Did you feel enlightened or have your original views changed after being exposed to broader viewpoints?

    Edit:

    • Would good educators in your area be fired for expressing dissenting view points based on the composition of your legislative bodies?

    • Do you believe there are more progressive, liberal, or conservative educators?

    • Do you believe there should be a mix of all viewpoints?

    • Do you believe research topics should be a mix of views, if the research crosses from scientific into political/ideology realms?

    6
    Why We Destroyed the World's 4th Largest Lake

    The content creator for RealLifeLore explains how the USSR transformed the Asia for agriculture, and destroying the world's 4th largest lake in the process.

    Edit to add further description:

    Author outlines water diversion for crops, effects on ecosystem, resulting complications from further chemical and pesticide use, predicts future potential conflict due to lack of water resources.

    0
    It’s No Surprise That “Skills-Based” Hiring Has Not Worked
    www.forbes.com It’s No Surprise That “Skills-Based” Hiring Has Not Worked

    A new report shows that, even after businesses announce dropping college degree requirements for jobs, most hire college graduates anyway.

    It’s No Surprise That “Skills-Based” Hiring Has Not Worked

    This article outlines an opinion that organizations either tried skills based hiring and reverted to degree required hiring because it was warranted, or they didn't adapt their process in spite of executive vision.

    Since this article is non industry specific, what are your observations or opinions of the technology sector? What about the general business sector?

    Should first world employees of businesses be required to obtain degrees if they reasonably expect a business related job?

    Do college experiences and academic rigor reveal higher achieving employees?

    Is undergraduate education a minimum standard for a more enlightened society? Or a way to hold separation between classes of people and status?

    Is a masters degree the new way to differentiate yourself where the undergrad degree was before?

    Edit: multiple typos, I guess that's proof that I should have done more college 😄

    127
    Discussions related to Infosec.pub @infosec.pub RedFox @infosec.pub
    Information Security Community Interest

    ALL,

    I have noticed a bunch of slightly overlapping communities, or some that just don't seem super active.

    There are a couple of security related news communities already.

    Is there actually interest in INFOSEC projects, blogs, frameworks, TTPs, etc?

    Perhaps people who are interested would weigh in, and we could pick a community to work in? I know people don't always like the idea of consolidation, but I'm more interested in gauging people's continued interest.

    • Do people here actively work on info sec projects that would post walk throughs, configs?
    • Do people work within security frameworks and have sharable configurations?

    @xavier@infosec.pub @administrator@infosec.pub @postmodern@infosec.pub @wntrmut@infosec.pub @wop@infosec.pub @m8urn@infosec.pub @digicat@infosec.pub @himazawa@infosec.pub

    1
    redfox RedFox @infosec.pub

    Husband, Father, IT Pro, service.

    I ask a lot of questions to try to understand how people think.

    Posts 24
    Comments 346