))
This is a show where we explore the ways in which we, as cybersecurity professionals, test and improve the incident response process. In each episode, we discuss subjects such as IR tabletops, purple team tests, games, workshops, and process walkthroughs. We grapple with definitions of the terms we use, frameworks, metrics, outcomes, strategies, and approaches. The goal is to converge on a set of standards and guidelines that we can all use to make cyber incident response more valuable, less ...
…
continue reading
You´re applied for scores or hundreds of jobs, you finally get an interview, and then you bomb. Or, you think you did well, but you got turned down. Why? How can you improve your chances of succeeding at interviewing for security jobs? What can interviews and the questions teach us? This podcast is for job seekers, hiring managers, screeners, and recruiters who want to improve their interviewing skills.
…
continue reading
1
Are we good? Episode 1 - Introducing our hosts and the show
5:30
5:30
Play later
Play later
Lists
Like
Liked
5:30
Introducing our hosts, Peter Schawacker and Harris Schwartz Why are we doing this? What are our goals? The video version of the podcast will be on YouTube at https://www.youtube.com/@NearshoreCyber For more information, join the free Nearshore Cyber community at https://www.nearshorecyber.community Future episodes will feature guests from across th…
…
continue reading
1
Why is intrusion analysts work so much harder than NOC work?
3:55
3:55
Play later
Play later
Lists
Like
Liked
3:55
What are the essential differences between the perspectives of the NOC analyst and the SOC Analyst? Hint: It's not tech. The question gets to the essence of security. Ptacek & Newsham's paper is a perennial favorite of mine: Insertion, Evasion, And Denial Of Service: Eluding Network Intrusion Detection ≈ Packet Storm (packetstormsecurity.com) A Phi…
…
continue reading
I talk about 2 questions here: What is Threat Hunting? What approach do you prefer? Most candidates are going to come up empty-handed. But not all. Introducing the PEAK Threat Hunting Framework | Splunk TaHiTI - Dutch Payments Association (betaalvereniging.nl) Intro to my course on Threat Hunting: https://youtu.be/tiKScGzBm-Y?si=w6O5wuZ7CZkVHAhH…
…
continue reading
This one is about disrupting the candidate's thinking slightly. Also, it can tell me if the candidate has been in a SOC. https://www.isaca.org/resources/isaca-journal/issues/2017/volume-6/assurance-across-the-three-lines-a-collaborative-defense Building a Cyber Risk Management Program To join the Nearshore Cyber Discord: https://discord.gg/zxG5uyYw…
…
continue reading
Who am I? Why did I decide to share like this? Then, I get into the first of many questions. Here are the 3 podcasts that I mentioned: Cyber Security Podcasts - SANS Internet Storm Center Podcasts - CISO Series CyberWire Daily (thecyberwire.com) I happen to prefer podcasts for my daily news feed. But that´s mainly because I read do much and I often…
…
continue reading
