cybersecurity


This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

1
 
 
The original post: /r/cybersecurity by /u/aecyberpro on 2024-11-23 14:30:16.

I frequently see examples of people in cyber security saying that "AI sucks" and it failed to be helpful, or provided bad advice or code. There is a huge difference in the quality of an AI agent's response based on the quality of your "prompt". In my blog post I've provided guidance that will help you get better results. I've provided a script that will create your prompt for you, and show how I use it.

https://www.aecyberpro.com/blog/general/2024-10-20-Better-LLM-Prompts-Using-XML/

Note how much effort goes into providing guidance to AI in both the "system" prompt (instructions) and the "user" prompt. That's exactly what's required to get the best results from AI.

2
 
 
The original post: /r/cybersecurity by /u/levinvo on 2024-11-23 13:53:05.

Analyze and save links with AI to check URL safety, prevent risks, & stay secure.

3
 
 
The original post: /r/cybersecurity by /u/0ver7hinker on 2024-11-23 12:53:20.

I am interested to know which SCA tools your organization uses (is it classic SCA or SCA via SBOM?). What were the factors you kept in mind before evaluating the tools (i.e. dependency coverage, tested for multiple languages and frameworks, container scanning, how efficiently it can find transitive issues, etc.)?

4
 
 
The original post: /r/cybersecurity by /u/F3dai on 2024-11-23 12:13:51.

Hey everyone! Curious to know how you’re using AI in your roles. I’m trying to get a better idea of how AI benefits cybersecurity, how people are using it, and what’s missing that you’d like to see.

For me, I use AI to automate parts of research during risk assessments and to summarise cybersecurity standards to help advise clients. How about you?

I'm particularly interested in anyone using web search tools like Perplexity to conduct research.

5
 
 
The original post: /r/cybersecurity by /u/cold-torsk on 2024-11-23 12:07:26.

How do you ensure compliance with cybersecurity requirements in an industrial network? Do you regularly patch and update thousands of multi-vendor industrial devices, or do you focus on securing the network itself through segmentation, firewalls, and other protective measures? I’m curious to learn how others balance these approaches in complex environments.

6
 
 
The original post: /r/cybersecurity by /u/Formal_Tree2535 on 2024-11-23 11:15:34.
7
 
 
The original post: /r/cybersecurity by /u/pseudo_su3 on 2024-11-23 10:53:37.

Looking to hear from Sr. DLP Analysts.

I’m in FinServ, and I currently work as a Sr. incident responder in the SOC. It’s a very large financial institution.

I love SOC work, being an analyst and investigating stuff, but I’m tired of the fast-paced “do more with less” workflow. I guess I’m burnt out.

I’ve been offered the opportunity to go to DLP as a senior analyst. The title says Cyber threat in it.

They have a new UEBA platform and are working with MIP. I’d be coordinating/handling remediation of incidents.

I specialize in threat hunting, threat research, phishing SME, and DPI/DPA, insider threat (financial crimes) etc.

Am I going to get the same rush in DLP? Has anyone here transitioned to DLP from blue team? What is it like?

Thanks!

8
 
 
The original post: /r/cybersecurity by /u/UbikUbikUbik on 2024-11-23 08:40:46.

Hi everyone,

I'm a screenwriter developing a feature film that involves a cybersecurity subplot. I'm looking for someone who would be willing to chat to me about some aspects of the script to ensure accuracy and plausibility.

My work is funded by a small but prestigious grant. At the moment, I can offer a credit on the film, but depending on how things go and the extent of collaboration, there could eventually be a fee if the project makes it into production.

The genre is paranormal thriller, and the film will have strong themes of death and consciousness. The film is set in Vienna (Austria). I’ll share more details over DM or in conversation.

I’m looking for:

  • Someone to brainstorm and validate technical plot points
  • Help ensuring the cybersecurity elements are realistic
  • General guidance on industry terminology and practices

Have you ever daydreamed about bizarre cyber attack scenarios? Everything that can go wrong, does go wrong, and just a few small errors lead to a clusterfuck nightmare from hell? I wanna hear those!

I’m especially interested in creating a scenario involving either water management systems (SCADA) or some other mass system.

I'm hoping to avoid common tech tropes and create something that respects the field. If you're interested in contributing your valuable time, please DM me. My time zone is GMT+1 (an hour ahead of London).

Thank you!

9
 
 
The original post: /r/cybersecurity by /u/Fantastic_Neat_114 on 2024-11-22 15:57:50.

There is a preparation batch being conducted online by ISACA Kolkata chapter (India). The minimum number of participants in each batch is 10. Currently we are 6 people; we need 4 more to start the batch. Classes were supposed to start on the 16th, but due to not meeting the minimum batch number it's getting delayed.

Kindly get in touch with Avijit Dutta, ISACA Kolkata chapter coordinator.

I am sharing the post by ISACA Chapter below.

Preparatory classes for CISA examinations 2024, to be conducted by ISACA Kolkata Chapter

Dear Members,

We are pleased to inform you that ISACA Kolkata Chapter has planned for the preparatory classes for CISA examinations. The classes will be held over the weekends. The details of the program are given below:

  • Classes start date: 16th November 2024
  • Duration: 2 to 3 months
  • Time: Saturdays 3 pm to 7 pm and Sundays 10 am to 2 pm
  • Fees for the preparatory classes: INR 10000 per delegate
  • Mode of delivery: Online

General Terms and condition:

  1. Full training fees must be paid as a prerequisite to enrollment to the preparatory classes.

  2. Once communicated, fees would have to be paid by Cheque in favour of "INFORMATION SYSTEMS AUDIT & CTRL ASN KOL" or through NEFT.

NEFT Details : Account Name- INFORMATION SYSTEMS AUDIT & CTRL ASN KOL A/c No.50100548534126 HDFC BANK Chowringhee Road Br. RTGS/ IFSC : HDFC0005922 Please share the transaction / acknowledgement no.

  3. CISA review manual will be covered as part of the training. The manual is a copyright document so the chapter will not be in a position to share the manual. The manual is available online at a discounted price for the members.

Interested candidates are requested to enroll for the classes latest by 02/11/2024 so as to enable us to plan the logistics.

For further queries on CISA examination or registration please feel free to email me or call me (after 8 pm).

Thanking you Avijit Dutta (CISA, ISO 27001 LA) ISACA KOLKATA Chapter – Certification Coordinator Mobile no.: 9007187373

10
 
 
The original post: /r/cybersecurity by /u/KingSash on 2024-11-22 15:41:13.
11
 
 
The original post: /r/cybersecurity by /u/ScientistEarly6345 on 2024-11-23 01:54:16.

Hello Community, I am currently working as a contractor at a US-based energy company as a Cybersecurity Analyst. Do any of you know of any full-time OT cybersecurity opportunities that also provide visa sponsorship? I have relevant experience and certs.

Thank you!

12
 
 
The original post: /r/cybersecurity by /u/JCTopping on 2024-11-23 01:49:05.
13
 
 
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-11-23 01:48:42.
14
 
 
The original post: /r/cybersecurity by /u/Ok-Astronomer5146 on 2024-11-23 00:11:10.
15
Credly Badges (zerobytes.monster)
 
 
The original post: /r/cybersecurity by /u/Techatronix on 2024-11-22 23:21:49.

So, I know a lot of us in here frequently go after certifications. Over the course of getting certifications, I also have to get CPEs. Some of the activities/courses I have pursued in order to rack up CPEs have also sent badges to my Credly. Due to this, my Credly is cluttered with irrelevant badges. Should I just hide these or reject them outright? They make it hard for others to see my relevant certs, which could be solved by simply hiding. However, even when hidden it is hard for me on the back end when I am logged in to sort through, which could be solved by rejecting them. Is there any good reason to save the badges that are not necessarily relevant for others to see?

16
 
 
The original post: /r/cybersecurity by /u/awsswaawsswa on 2024-11-22 23:08:28.

I’ve wondered for a while now. I’ve been reading the VDBIR almost yearly and only recently wondered if there were any similar reports that would be good to compare with it. What report do you guys like to read besides Verizon’s?

17
 
 
The original post: /r/cybersecurity by /u/Friendly-Copy5895 on 2024-11-22 22:44:12.

Hello everyone!

I’m looking for recommendations for a virtual SOC (vSOC) or managed SOC service that has strong experience handling Kubernetes-specific logging, and other data sources like endpoint, network, etc. I work for a mid-market company, and while we already have a solid logging system in place for our infrastructure, we’re heavily invested in Kubernetes and need a team that can efficiently manage and analyze that type of logging at scale. Our current contract has the bandwidth, but they’ve been dropping the ball recently claiming “they don’t understand Kubernetes that well.”

We currently have Mandiant IR on retainer, but before we reach out to them for SOC management, we want to explore other managed SOC options. For context, we use S1 EDR on our endpoints and rely on a variety of open-source tooling across our environment (Wazuh, and others).

If you have any suggestions or experiences with providers who specialize from Kubernetes logging to endpoint and network logging within a managed SOC setup, I’d love to hear from you!

Thanks in advance!

18
 
 
The original post: /r/cybersecurity by /u/anynamewillbegood on 2024-11-22 22:31:46.
19
 
 
The original post: /r/cybersecurity by /u/GDemay on 2024-11-22 21:15:08.

If you’ve worked with SIEMs like Elastic or Splunk, what’s been the most frustrating thing about them? For me, they can feel overly complicated, but I’m curious, what’s the one thing that really drives you crazy? False positives? Messy rule setups? Something else?

20
 
 
The original post: /r/cybersecurity by /u/andy-codes on 2024-11-22 20:57:20.

I've recently transitioned to infosec, a journey I documented through blog posts over time. Now, I've had the opportunity to collaborate with OffSec to write a summary of this transition, which is finally up on their website. In the article, I share my experience moving from software engineering to offensive security, discussing the challenges, the effort required for upskilling and certifications like OSCP, and the importance of community engagement. Despite obstacles, I successfully landed an offensive security role, and the experience has been incredibly rewarding.

21
 
 
The original post: /r/cybersecurity by /u/goran7 on 2024-11-22 20:39:58.
22
 
 
The original post: /r/cybersecurity by /u/andy-codes on 2024-11-22 20:39:37.

In the article, I discuss a prototype pollution vulnerability (CVE-2023-45282) found in NASA's Open MCT. This flaw in JavaScript allows attackers to alter object prototypes, potentially leading to serious outcomes like privilege escalation or remote code execution (RCE). I explain how the vulnerability occurs in the "Import from JSON" feature, which can crash the application or lead to more dangerous exploits. Fortunately, NASA responded quickly to fix the issue, but it highlights the importance of securing deep merge operations in JavaScript.

This security research was originally published at VisionSpace Blog (https://visionspace.com/prototype-pollution-in-nasas-open-mct-cve-2023-45282/)

23
 
 
The original post: /r/cybersecurity by /u/phillies1989 on 2024-11-22 19:37:23.

I have worked in the defense sector my whole career, starting over a decade ago as a software engineer and working the last 7ish or so years in cyber security. I have heard from some people that defense cyber doesn't translate to private industry and that, while in the defense industry I am good at my job, the skills I have are not as in demand in private industry (never worked in a SOC but have IT, network, RMF, system hardening, patching, vulnerability scanning skills, and scripting automation skills). Is there any truth to these statements, and has anyone here made the switch from defense to private sector? Just planning out a few roadmaps where to go next in my career and obviously switching to private industry is one of the options.

24
 
 
The original post: /r/cybersecurity by /u/gurugabrielpradipaka on 2024-11-22 19:36:31.
25
 
 
The original post: /r/cybersecurity by /u/AffectionateNamet on 2024-11-22 19:31:22.

For UK peers, I’m looking at geeking CHECK but honestly cba to go over material for CPSA/CRT. For context, I’m a pentester and have Sec+ and CySA+ from a few years ago.

I’m looking at jumping straight for CCT-inf but I see the exam is a written assessment, which is also dull.

Are there any benefits of going for CTM over CTL? I want to avoid the number of exams, I know I can get CRT through equivalency but that doesn’t get CTM. Is there any value in CRT without CHECK?
