cybersecurity

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

601
Deepfake (zerobytes.monster)
 
The original post: /r/cybersecurity by /u/SpeakerConstant441 on 2024-10-07 19:22:33.

Any ideas of topics or highlights on Deepfakes that I can use in a comms (communications) for employees? Letting them know “what is a deepfake?” and what they should be aware of. I know I can try AI to generate one but I’m curious to know if anyone has sent any emails/training recently and would like to share it with me? Thanks

602
 
 
The original post: /r/cybersecurity by /u/Itchy_Animator_9519 on 2024-10-07 19:15:28.

Hey everyone,

With Cybersecurity Awareness Month in full swing, I wanted to share something cool I’ve been working on—a cybersecurity awareness challenge. It’s all about sharing practical tips and best practices to help people protect themselves online from common threats like phishing and data breaches.

I’ve found a great blog that breaks down key steps to stay secure, and it’s been really helpful in getting the word out. It’s not a promotion, just a good resource for anyone wanting to level up their online security. Feel free to check it out if you’re interested!

Let’s make cybersecurity a habit, not just a once-a-year thing. Stay safe! 🔐

603
 
 
The original post: /r/cybersecurity by /u/tc2k on 2024-10-07 18:44:09.

I've been recently tasked with reconciling an authorization ticket if a new user is created in a server, automatically.

Whenever a new user is added to a server, I want to be able to reconcile it automatically to a ServiceNow ticket. So far I have the data coming in from Splunk with the ID and the origin server.

How would I be able to reconcile these two together using Python?

I am able to ingest the data already from Splunk but my main concern is finding this data in ServiceNow. Is this best approached through an API call or a report generated daily/weekly?

Or if there is another avenue to reconcile the authorization ticket, I am open to suggestions.

604
NDR (zerobytes.monster)
 
The original post: /r/cybersecurity by /u/tkr_2020 on 2024-10-07 18:42:40.

I'm planning to conduct an NDR (Network Detection and Response) POC and would appreciate any advice or recommendations on what should be verified. Your insights are welcome!

605
SOAR Usecases (zerobytes.monster)
 
The original post: /r/cybersecurity by /u/SecretSilence69 on 2024-10-07 18:23:19.

SOC Manager wants to implement SOAR. What security use cases do you have?

Obvious one would be validating SIEM IOC matches, but what else?

606
 
 
The original post: /r/cybersecurity by /u/Wasique111 on 2024-10-07 17:47:35.

Hey everyone 👋, I've completed several courses in cybersecurity and penetration testing. Recently, while testing my skills, I realized that I need to strengthen my computer networking concepts. Can you suggest some good resources (books, YouTube channels, courses, etc.) to help me improve my networking knowledge? I'm open to anything that can help me get better at the fundamentals.

Thanks in advance!

607
 
 
The original post: /r/cybersecurity by /u/Shujolnyc on 2024-10-07 17:17:15.

I was just writing one and am thinking that I am giving away too much information about our stack. At the same time, I need people who know my stack. Do I list out our MDR, NDR, SIEM, SOAR platform, Phishing testing vendor, etc. etc.?

608
 
 
The original post: /r/cybersecurity by /u/antdude on 2024-10-07 16:59:58.

609
 
 
The original post: /r/cybersecurity by /u/ElorionX on 2024-10-07 16:38:28.

If you had an hour as a primer on what an incident commander does during incident response, how would you go about "training" them? I thought it might be cool to have a scenario to run through or some sort of exercise to show rather than tell what it is and how to become one. Thoughts?

610
 
 
The original post: /r/cybersecurity by /u/kiroxan on 2024-10-07 16:15:20.

Hello,

I'm working on a security companion for apps that lets you chat with your application's logs/traces. I'm looking for a set of questions that may come to your mind that would either help investigate an issue or detect malicious behavior via alerting.

I will combine all the questions and make sure the tool responds to the most top-of-mind questions first.

Thank you for your help,

611
 
 
The original post: /r/cybersecurity by /u/Coder_Koala on 2024-10-07 16:14:07.

Any good book for this?

612
 
 
The original post: /r/cybersecurity by /u/VladirMP008 on 2024-10-07 16:03:22.

Hello Everyone,

I wanted to know if anyone in here is using Vulscan and they are PCI DSS compliant. Does Vulscan have an authentication scan?

613
 
 
The original post: /r/cybersecurity by /u/iYassr on 2024-10-07 16:02:33.

Learning by doing is the ultimate type of learning

Especially in cybersecurity space, people focus too much on certifications (which is good) but is there something else?

Want to know how SQL injection works? Just develop a simple vulnerable app and try to exploit it

Want to learn Linux? Maybe use it as your daily driver for a while

Cloud? Set up a cloud account and examine it

Kubernetes? Have a cluster on your cloud account and try to deploy ready-made apps

From my experience, learning by doing is more interesting and fun, what you learn sticks forever.

Understanding also becomes way deeper,

No matter how much I read about the LDAP protocol, I haven’t been able to grasp it until I tried integrating with it.

Let’s say you want to deploy your own lab in the cloud or at your home:

First you need to go through networking (IPs, Layers, DNS)

Now you need to deploy an application? Go through deployments (Operating systems, Apache server, ..)

Now you need to protect your app? Maybe deploy a firewall, IDS, WAF, encoding..

Now you need a secure remote access? You’ll deploy a VPN solution

This type of knowledge is instinctive, it fuels curiosity and I think it’s more valuable in creating solid basics that will set you apart in your career.

While everyone is doing the same, you become different.

This doesn’t discard theory and reading and other resources, but to create an environment where you mix them both.

my 2 cents.

614
 
 
The original post: /r/cybersecurity by /u/mysecret52 on 2024-10-07 15:30:12.

I'm a security engineer right now (I have a total of 3 years of experience) and I found a job posting for my current company for "Linux Systems Engineer". The pay looks to be higher, and it's asking for prior programming experience, server hardening, VMware experience, and experience with containers (as well as a couple other Red Hat related items). I have created scripts in my current role and have worked with hardening systems. I also have a Red Hat certification and I'm awesome at Linux so I want to apply but I'm scared. What do you guys think?

615
 
 
The original post: /r/cybersecurity by /u/Finx_X on 2024-10-07 15:26:09.

Original Title: Does anyone know what will give me the best opportunity to move from the UK to the USA (for permanent residency) in the cyber security field? Currently doing my A levels (in computer science etc) but what path would I need to take for the best chance to be relocated?

E.g. would joining a UK company with a US presence be my best chance? Or applying for visas or what?

Much appreciation for anyone who helps me!

616
 
 
The original post: /r/cybersecurity by /u/Extreme-Lavishness62 on 2024-10-07 15:02:53.

I am confused on what governance really means here? Like having policies, adhering to frameworks, etc. The thing is when I look into GRC tools, most of them are like we will get you SOC2 compliant, or ISO compliant all at one place, how are these handling governance part of the process, like risk and compliance comes under this? Is there something specific which covers governance, plus what are all these modern GRC tools? How are they claiming to be modern? Please help as I am confused about these tools, need to choose a tool for a small-sized company, do they even need it? Like management told our team to handle GRC? Can we somehow manage it internally or need to buy a tool? We are already doing risk analysis on some assets, and compliance activities using simple spreadsheets, like gap analysis, and other registers etc. I don't know what exactly this GRC thing is, are these tools justified?

617
 
 
The original post: /r/cybersecurity by /u/support_telecom127 on 2024-10-07 15:02:04.

Good morning friends.

I am thinking of signing up to take the Security Blue Team Level 1 exam, however, I have some questions about the exam.

I have read in forums that the exam is theory and practice, but, does the final exam have a duration (the exam is supervised)? Is there a limit on the score to pass?

Could you tell me about your experience and how was your process when you started the course? On the other hand, does the course only have one language available?

618
 
 
The original post: /r/cybersecurity by /u/urosperko on 2024-10-07 12:43:19.

619
 
 
The original post: /r/cybersecurity by /u/athanielx on 2024-10-07 12:31:07.

Hi there,

We have the intention to get rid of passwords and implement passwordless. Currently, we are using Microsoft Entra ID.

Entra ID offers a variety of authentication options, including FIDO2 Passkeys, which can be stored in the Microsoft Authenticator App, Windows Hello, or via Microsoft Authenticator App Push notifications. There are also integration capabilities for macOS, though the device must be enrolled in Intune to be compatible.

Additionally, Conditional Access policies allow you to block authentication methods that require entering a username and password.

I'm curious about which authentication method you’ve implemented and any challenges you've encountered.

Our goal is to purchase separate physical security keys for administrators, while allowing other employees to use their personal phones as a key (key vault) for authentication or login via Microsoft Authenticator App Push notifications.

620
 
 
The original post: /r/cybersecurity by /u/mysecret52 on 2024-10-07 12:13:42.

I'm 25. I'm at the first level of my position and I've been working here for almost 2 years (I have a total of 3 years of full-time experience). At my last meeting with my boss several months ago, I asked him what it takes to be promoted to the 2nd level and all he said was that "it just takes time, depends how long you're here" (He's said this before at another meeting last year too).

A coworker who started the same time as me has gotten promoted last month to the 2nd level, and so has another coworker (this one has been here an extra 7 months longer though). I was looking at opportunities on the company site for internal transfers and I found a posting for the 2nd level. Several of the adjacent teams have the same position title so I'm not sure if it's for our team or for any of the other ones.

At work, I do whatever my supervisor tasks me with, and I'm also working on another coworker's task once a month (over a weekend because it's a weekend shift), and starting to work with another coworker on a project he's been doing. My boss hasn't really given me much constructive feedback before at meetings (he usually says I'm doing "great"). I guess if I had to go off of my own analysis, I think I'm slow at work and maybe they also want someone who's more proactive and can find their own tasks? Not sure. Any thoughts?

621
 
 
The original post: /r/cybersecurity by /u/ImprovementOld3425 on 2024-10-07 11:51:52.

Hello, as mentioned in the title, I am a teacher in a "third world country" university and my students are eager to learn more technical details about cyber security and get more practical because our curriculum is more theoretical than anything else unfortunately, but I want them to get hands-on. Is there anything I can do or apply to get them free subscriptions in any platform that offers these services? Thank you all for any response.

622
 
 
The original post: /r/cybersecurity by /u/Classic_Sink_1188 on 2024-10-07 10:30:26.

So I'm trying to learn the ropes from the bottom. My project is to take a Raspberry Pi 5 PC with Debian and get on Hack The Box. Is this system good enough to even attempt? I don't have a lot of money so a new laptop is out... and this seems kind of fun and a good learning lesson.

623
 
 
The original post: /r/cybersecurity by /u/TwoSharpCircles on 2024-10-07 08:54:52.

Hey guys - I'm looking to start mentoring those who are trying to get into the field, specifically those who are looking to get into security engineering.

I have fumbled around, waited on companies I've worked for to give me engineering work or make me an engineer and it just never happened so I figured it out myself. I want to help smooth the road out for some of you who are wondering how to make the transition.

This won't just be a - "Oh get this certification and you'll be set!" It will be much more than that because nothing is ever as simple as getting a certification. This field is a fucking slog.

About me

I have about five years of experience in the field and I'm a senior security engineer.

I'm new to this but hey, it's free.

When

I'll be starting up in November.

I'm in one of the 'roo time zones so you'll have to deal with awkward scheduling times.

Interested?

Just shoot me an inbox.

624
 
 
The original post: /r/cybersecurity by /u/Mountain_Ad_8525 on 2024-10-07 07:49:03.

We've been having an issue where a script we use will reactivate any Google account we deactivate from the admin console. So instead, if we suspect possible compromise, we've taken to resetting passwords (to a random one) and locking them out of their Gmail account that way. Is there any downside to this method vs deactivation?

625
 
 
The original post: /r/cybersecurity by /u/Minatokamikaze7 on 2024-10-07 06:49:02.

Hello guys, well currently I am working in a company where they are setting up the cyber domain. So, as in our team, we are only 3 members who are working and we all are freshers and don't have cybersecurity industry experience. When we joined the company they told us they would hire the seniors but now they are telling us that they aren't able to find any, which is a very surprising thing, to be honest. They want us to set up the whole cybersecurity domain but they don't want to purchase and invest in cyber security tools and stuff; instead they tell us to do it with the free tools available. So, as freshers we don't have much experience and don't know basically how the industry works and we feel sometimes that we need guidance but there is no one here to guide us. So I was curious to ask, should I continue here for the experience or am I taking a risk on my career by continuing this job? Any suggestions and thoughts?
