7 Minute Security

7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.

https://7ms.us/

Eine durchschnittliche Folge dieses Podcasts dauert 9m. Bisher sind 397 Folge(n) erschienen.
subscribe
share



 

7MS #361: Logging Made Easy


Today we're talking about Logging Made Easy, a project that, as its name implies...makes Windows endpoint logging easy! I love it. It offers a simple, digestible walkthrough of several short "chapters" to get started...


share





 2019-05-03  26m
 
 

7MS #360: Active Directory Security 101 - Part 2


This episode of the 7 Minute Security podcast is brought to you by Netwrix. Netwrix Auditor empowers IT pros to detect, investigate and resolve critical issues before they stifle business activity, and proactively identify and mitigate misconfigurations in critical IT systems that could lead to downtime. For more information, visit netwrix.com.In today's program we continue a series on fundamental Active Directory security that we started back in episode 327...


share





 2019-04-25  22m
 
 

7MS #359: Windows 10 Security Baselining


This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! In this episode I explore some ways you can turn up the security heat on your Windows workstations by mapping their security to a hardening standard and/or baseline...


share





 2019-04-19  26m
 
 

7MS #358: 4 Ways to Write a Better Pentest Report


This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! This week we're talking about everybody's favorite topic: REPORT WRITING! Yay! The peasants rejoice! In the last few months I've seen a lot of reports from other companies, and here are a few key problems I see with them:

  1. Too long - overall these things are waaAAaAaaAayyyYYYYYYyyy too long...


share





 2019-04-16  39m
 
 

7MS #357: 7 Minutes of IT and Security Tips


Today I'm launching an ongoing series called 7MOIST. It stands for:

  • 7
  • Minutes
  • of
  • IT
  • and
  • Security
  • Tips
The wildest, craziest, nuttiest part of this series is that each episode will be 7 minutes long!I know, I know! You're saying, "Wait a sec, bub, isn't that why this podcast is called 7 Minute Security in the first place?" And yes, you'd be right...


share





 2019-04-11  7m
 
 

7MS #356: Faster Hard Drive Forensics with CyLR and CDQR


This episode is brought to you by ITProTV. Visit https://www.itpro.tv/7minsec for over 65 hours of IT training for free! In today's episode I talk about some cool tools you can use to start a hard drive forensics investigation more quickly...


share





 2019-04-03  24m
 
 

7MS #355: Mousejacking!


This episode is brought to you by Netwrix Auditor, which empowers IT pros to detect, investigate and resolve critical issues before they stifle business activity, and proactively identify and mitigate misconfigurations in critical IT systems that could lead to downtime.In this episode, we talk about the Mousejacking attack, which allows someone with a crazy radio (or other similar device) to inject keystrokes into vulnerable keyboards and mice...


share





 2019-03-27  27m
 
 

7MS #354: Tales of Internal Pentest Pwnage - Part 2


Today's episode is the thrilling, exciting, heart-pounding conclusion of Tales of Internal Pentest Pwnage - Part 1. In this episode, we cover the final "wins" that got me to Domain Admin status (and beyond!):

  • Got DA but can't get to your final "crown jewels" destinations? How about going after the organization's backups (evil grin!)
  • Got DA but stuck to find hot leads to where the crown jewels are? Get snoopy and go through people's files, folders and.....


share





 2019-03-25  38m
 
 

7MS #353: Tales of Internal Pentest Pwnage - Part 1


Buckle up! This is one of my favorite episodes.Today I'm kicking off a two-part series that walks you through a narrative of a recent internal pentest I worked on. I was able to get to Domain Admin status and see the "crown jewels" data, so I thought this would be a fun and informative narrative to share...


share





 2019-03-22  42m
 
 

7MS #352: Recap of Rad Red Team Training


I recently had the awesome opportunity to take the awesome Real World Red Team course put on by Peter Kim, author of The Hacker Playbook series.TLDR and TLDR (too long don't listen): go take this training. Please. Now. The end.If you want to hear more, check out today's podcast episode where I talk about all the wonderful tidbits I learned from Peter during the training, including:

  • Doppelganger attacks - does your target have a frequently used site like mail.company...


share





 2019-03-14  34m