This week I was at SANS London learning about forensics. I’ll post a proper writeup on the the course a bit later (it didn’t actually finish until this afternoon), but I thought I’d attend one of the SANS evening talks to learn something new and flex my rarely-used journalistic muscle.
The bulk of cyber security incidents are fairly simple, but sometimes you end up working with a whole network of hosts that are connected to each other in different ways. With this scenario in mind, I recently set out to explore the possibility of creating a Python script to automatically generate a simple network diagram to visualise things more clearly.
A colleague recently asked me for my advice for new cyber security consultants joining our company, which got me thinking about what I’ve learnt over my first year in the industry. Here are my seven top tips for those just entering the world of security consulting.
A little while ago I wrote about grouping data by multiple fields in Splunk, which is a very useful function that produces hideous export files. I took some time to write a Python script to fix that and make the data a lot more useful for further analysis.
My blog has had a bit of a cyber security learning theme recently (I have a couple more posts lines up on the topic, too) and it’s only set to continue this week with a great free resource that I first learnt about at the SANS Cyber Retraining Academy.