Nov 23, 2017
This week is a bit of a short show, as Ms. Berlin and Mr. Boettcher are out this week for the holiday.
I wanted to talk about something that I've started doing at work... Creating training... custom training that can help your org get around the old style training.
Also, we got some community audio from one of our listeners! "JB" went to a SANS event in Berlin, Germany a few weeks ago, and talked to some attendees, as well as Heather Mahalik (@HeatherMahalik), instructor of "FOR585: Advanced Smartphone Forensics".
Take a listen and we hope you enjoy it!
Direct Link: https://brakesec.com/2017-039
RSS: https://brakesec.com/BrakesecRSS
Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
Join our #Slack Channel! Sign up at
or DM us on Twitter, or email us.
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast on #Patreon: https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
---Show notes (from Bryan and JB)---
Ms. Berlin in New Zealand
Mr. Boettcher with the family
Training
What makes us despise training so much?
Cookie cutter
Scenarios do not match environments
Speaking is a little too perfect
Flash based
UI is horrible
Outdated
Easy questions
Infosec training is worse
2 hours of training each year
Not effective
Why not make your own?
Been doing it at work
No more than 7 minutes
Custom made
Tailored for your own company
Do your training like a talk at a con
Time limit: 7 (no more than 10 minutes)
Create some slides (5-7 slides)
Do it on a timely topic
Recent tabletop exercise results
Recent incident response
Phishing campaign
Script or no-script required
Sometimes talking plainly can be enough
https://screencast-o-matic.com/ - Windows (free version is 7 minutes long)
Quicktime - OSX (free) (Screenflow)
Handbrake (convert to MKV or MP4)
Microphone (can use internal microphones if you have a quiet place)
[begin notes: SANS Berlin REMOTE segment]
corresp. JB
reach jb at (@cherokeejb_) on brakesec slack, twitter, & infosec.exchange
--link to all trainers and info from archive SANS Berlin 2017
https://www.sans.org/event/berlin-2017/
--pre-NetWars chat with the SEC 503 class:
-what do you like about SANS conference
-european privacy laws, even country to country!
-biggest priority for next year: building a SOC, working together with sales, asset management, constant improvement, password reuse
--special BrakeSec members only cameo
--“bring your own device” interview with an Information Security/forensics professional
password elimination or no reuse
--interview with Heather Mahalik (@HeatherMahalik)
Bio
https://www.sans.org/instructors/heather-mahalik
-“game over” whatsapp, unpatched android, other known-historically weak tools as “assume breach of mobile”
-intersection of network forensics and mobile
-open source tools and the lack of, how to judge your tools
-Heather’s recent blog
-getting into mobile, decompiling, etc.
-number one topic for next year: encryption for Android 8 Oreo, iOS 12
-“most popular android is still v4.4”
Heather’s blog we mentioned
http://smarterforensics.com
link to the book Heather mentioned:
https://www.amazon.com/Practical-Mobile-Forensics-Heather-Mahalik/dp/1786464209/
--link to blog mentioned, jb’s initial reflections on SEC 503
https://www.linkedin.com/pulse/whaaaa0101-0000-0011t-aka-extracting-files-out-pcaps-foremost
JB’s blog main link, or if you’re not a fan of linkedin
https://cherokeejb.blogspot.de/
small featured music clips used with permission from YGAM Records, Berlin
“Ж” by the artist Ōtone (Pablo Discerens), (c)(p)2016
Get it for free or donate at http://ygam.bandcamp.com !
book club EMEA!:
message JB or David (@dpcybuck) or any of us on brakesec slack if you want to take part in the book club conversations live, but can’t make the main call!
[end segment]