The release date for my book moved up! While I'm weighing in for my Muay Thai fight this weekend, Practical Detection Engineering will be dropping on Amazon.
Pre-order your copy now: https://packt.link/MeganR
DM me here or on LinkedIn and let me know what you think! Thanks in advance for all the support :)
This is a great blog by @megan on ransomware/data extortion in the cloud, including TTPs and a link to a recent podcast
After obtaining the correct permissions required to carry out their attack, the threat actor will then perform reconnaissance in the environment to identify the data they will exfiltrate and use to ransom the victim. ... Assuming they have the right permissions, direct access via the console, simple CLI commands, or API calls can be used to interact with [cloud] storage.
Last night my co-authors and I turned in the final chapter's first draft for our book, Practical Detection Engineering: A hands-on guide to planning, developing, and validating threat detections. Still got a few rounds of technical reviews and copy edits but definitely a big milestone for us.
When performing competitor analysis we found that despite the numerous amazing blog posts from industry experts, there wasn't a complete book focused solely on detection engineering, so hopefully we can fill that gap for the field! The book is scheduled to release in early August and is available for pre-order on Amazon now:
https://www.amazon.com/Practical-Detection-Engineering-Confidently-detections/dp/1801076715
If you have a Packt subscription, it'll be in the eBook library too.
Thanks in advance for anyone who decides to invest in our work and check it out!
#detectionengineering #detections #threatdetection #threatintelligence #threatintel #infosec #engineering #cybersecurity #book #ebook #preorder
Still singing the praises of Arc browser lol. If you want to be converted, got 5 more referral codes here. I think their Windows version is coming by the end of year, macOS for now. Give it a week of use to get used to a differently-designed browser.
Wouldn’t usually share a fundraiser related to personal stuff on Mastadon, but it’s for a good cause so passing along. In order to satisfy some visa requirements my boyfriend has to go back and stay in Brazil for a little while. He’ll also be working towards his green card which is not cheap esp while working with an immigration lawyer. He’s a hard worker and has worked hard to save up the money but his friends organized a gofundme to take a tiny bit of the burden off of him so he doesn’t have to fully empty his saving account for getting back to Brazil, paperwork fees, lawyers, etc.
I’m constantly in awe of how he overcomes his paraplegia and faces everyday with positivity. Now he’s got another challenge ahead navigating our screwed up immigration system and want to support him however I can.
https://www.gofundme.com/f/wish-prof-kelvin-safe-travels-a-speedy-return
Alternatively if you ever need a website designer, graphic designer, social media content creator, videographer, etc let me know and I can get you connected! He’s worth the cost, I can assure it.
Epic convo on today's #ThursdayDefensive -- @megan expertly navigated two diverse topics: cloud DFIR & detection engineering!
Join us next week to hear from Chris Long of Material Security!
If you missed my other couple webcasts over the past week, don't worry, I've got another one tomorrow at 10:30 EST! Join SumoLogic and I as we discuss the relevance of endpoints in #CloudSecurity:
https://www.sans.org/webcasts/cloud-security-does-the-endpoint-still-matter/
Also, webcasts replays are always available at https://www.sans.org/webcasts/ if you missed any of my previous ones and want to catch them.
Jay Thoden van Velzen ☁️🛡️
Josh Lemon
Recon InfoSec