Ally. Infosec. SANS DFIR Instructor. Forensics. Craft beer. Technology. OneWheel. Radinn. Running. Delaware. Travel. He/him.
GitHub: https://github.com/PhilHagen
Threads: https://threads.net/@PhilHagen
Peloton: https://members.onepeloton.com/members/PhilHagen
Reddit: https://www.reddit.com/u/philhagen
I'm excited to launch a YouTube channel where I'll share information on Digital Forensics and Incident Response (DFIR), particularly Network Forensics. https://www.youtube.com/@PhilHagen
The initial videos are a primer for students of my SANS Network Forensic class, FOR572: over 2 hours of content for newer network practitioners. Future videos include more on networking, the SOF-ELK platform, home automation, and wider DFIR subjects. Check it out and share with your colleagues!

The @SANSInstituteOfficial 2024 Threat Hunting Survey is now open!

If you conduct #ThreatHunting for your organisation or someone else's, please take 10mins to provide your input so we can analyse what the industry as a whole is doing and share a free report early next year.

🔗 https://survey.sans.org/jfe/form/SV_6G8MIwaoBEVKas6

2024 SANS Threat Hunting Survey


This is a bit delayed, but here is my talk from @sansforensics in Austin on logging and visibility around a Golden SAML attack and subsequent cloud activity in both Azure AD and O365. Big thanks to @heathermahalik, @PhilHagen and the team at SANS for giving me an opportunity to present! https://www.youtube.com/watch?v=VpgiwpySNuA
I Want The Log I Can’t Have


PLEASE SHARE ESP TO UNDERREPRESENTED WOMEN LOOKING FOR INFOSEC JOBS: We at Red Queen Dynamics are proud to bring you the Infosec.Exchange State Of The Instance webinar on August 3rd at 11AM Pacific.

Join me, @jerry, Mari Galloway, and Talya Parker to talk about opportunities for underrepresented women in cybersecurity startups after the Twittersplosion removed all our weak social ties. How do we find job postings now that we've all gone to different places? There will be some *very frank opinions* shared.

Get jobs! Talk to Jerry about how I.E. is working to increase the voice of underrepresented women on this platform! Learn from Mari and @TalyaParker about how best to reach out to communities respectfully to provide job postings!

Learn more and sign up here: https://redqueendynamics.com/en/blog/infosec.exchanges-state-of-the-instance-navigating-startup-hiring-in-the-post-twitter-world

Red Queen Dynamics presents Infosec.Exchange's State of the Instance

Post advertising webinar for startup hiring

It's been a blast to see our @redcanary community team work with @blackhillsinfosec to create a Red Canary expansion deck to the most awesome Backdoors and Breaches IR tabletop game. Look for it at our BlackHat booth, or skip the wait and check out the ONLINE version now: https://play.backdoorsandbreaches.com
B&B Shuffle by Richard Phung/P3hndrx

Repeat after me: Blocking paste on a form textbox is not a security feature.

I’m very excited to announce our first keynote speaker for the 2023 @sansinstitute DFIR Summit is former special agent Chris Tarbell! Best known for being the lead agent on the Silk Road case, he’ll be sharing his unparalleled perspective from a career in cyber crime law enforcement and the private sector.
Join us in Austin or for free online, August 3-4!

https://www.sans.org/cyber-security-training-events/digital-forensics-summit-2023/

If you would like to get some more insight into #Wagner (and given the past 24 hours or so, you most likely should), this is an excellent 40min documentary on them that a friend helped to create. Well worth the investment.

#russia #russiancoup #RussianCivilWar #putin #ukraine #prigozhin

https://www.wsj.com/video/series/shadow-men/shadow-men-inside-wagner-russias-secret-war-company

Shadow Men: Inside Wagner, Russia’s Secret War Company

This Wall Street Journal documentary traces Wagner's evolution from a small, guns-for-hire operation into a sprawling network of businesses that has been active on four continents.


Just released a new version of the SOF-ELK VM with some small but important updates!
* Updated to all ES 8.8.1 components
* Ships with an older but usable MaxMind database from before the new license stopped reasonable redistribution. You can (and should) still bootstrap newer databases with the included script, but it'll work "out of the box".
* After login, you'll be notified if there is a new VM version available for download

All the details and download link here: https://for572.com/sof-elk-readme

sof-elk/VM_README.md at main · philhagen/sof-elk

Configuration files for the SOF-ELK VM, used in SANS FOR572

I’ll give journalists in Ukraine pro-bono cybersecurity guidance, inc. security keys for enhanced two-factor auth for email and social media. If you know folks at Kyiv Independent, Kyiv Post or elsewhere who would benefit from this, please put us in touch: runa at granitt dot io.