May 20th, 2024
Defender Fridays Wrap-Up: Cybersecurity in Space, Enterprise Security Monitoring, and more
Nicole Boyd
Unveiling the Concepts of Enterprise Security Monitoring with Wes Lambert of Security Onion Solutions
This session of Defender Fridays highlighted the importance of enterprise security monitoring. As cyber threats become more complex, the ability to detect and respond to them is crucial for modern business operations. Wes discussed various tools that help collect and analyze data from both networks and user endpoints, clarifying the limitations of TLS interception and concluded by recommending a blend of network and endpoint visibility for a comprehensive and robust security strategy.
Links:
https://www.mitre.org/news-insights/news-release/mitre-response-cyber-attack-one-its-rd-networks
https://securityonionsolutions.com/
https://twitter.com/UK_Daniel_Card/status/1781200299434168568
https://x.com/LeonVQZz/status/1781295770093650259
Cybersecurity in Space Systems with Tim Fowler from Black Hills Information Security
Tim Fowler of Black Hills Infosec explored a very intriguing topic: cybersecurity in space systems. With the increasing use of space-based technology, Tim urged us to consider how traditional cybersecurity practices apply to space systems security and highlighted current trends like the use of Linux-based systems. Tim shared how the IT industry can adapt quickly to hardware failures, providing examples of maintenance and recovery strategies.
Things Defenders don’t like about Offensive Security with Tim MalcomVetter from NetSPI
Tim MalcolmVetter, known for his extensive experience in offensive cybersecurity, dissected the nuances between 'offense' and 'defense' in cybersecurity, emphasizing the necessity of collaboration for superior security. Tim advocated for regular validation and rigorous testing to strengthen security mechanisms and highlighted the importance of pentest findings in devising actionable security measures. Shifting the traditional cybersecurity paradigm, Tim stressed the need for Attack Surface Management, a proactive defense approach where vulnerabilities are continuously assessed and addressed.
Harnessing OS Query and Fleet for IT Administration and Security Operations with Zach Wasserman of Fleet Device Management
Zach Wasserman shared the progression of OS Query and its enhanced agent capabilities. Zach threw light on Fleet Device Managment's dual facets - an open-source solution and its premium features designed for advanced IT administration and security operations. Zach also shared how you can experiment and effectively setup OS Query and Fleet.
What is Defender Fridays?
Each week, we bring you a different expert guest who will share their invaluable insights on topics ranging from threat hunting and incident response to security operations and detection engineering. What makes these sessions special is their informal and interactive nature, allowing for an engaging dialogue between our guests, hosts, and you – our audience.