I just wanted to try Lemmy and this instance was recommended to my by my tech friends. I haven't coded since high school (the closest I get is a couple of hours of trying SQL). I work in accounting, live in southern Stockholm, Sweden, union activist in my local syndicalist union, member of my local masorti synagogue. I'm in charge of internet security and other IT related issues on my firm, but that's because we're small and I'm the least bad on the position. I'm still struggling to get people to move over to password managers (yeah some co-workers still reuse passwords). After that, my plan is to push for 2FA where it's possible (though we already have it on our most crucial system).
Blue Team
Blue Teamers are the first (and sometimes last) line of defense in the ongoing cyber war. This place is to chat out detection strategies, complain about SIEMs, compare SOAR playbooks, or post mean memes about the Red Team.
Hey everyone. Jason here. Full-time developer over at the Suricata IDS project.
Hey everyone! I'm a new kid on the block in terms of professional blue teaming. Landed a role in a large firm as a SOC analyst and really enjoying my job. Looking to move up quickly and very motivated to do so (I'm almost in my 30's and have mouths to feed 😂)
Previously, I've been bouncing through roles from IT service desk to various admin (non-IT) roles. I also enjoy a bit of web design and running my own SIEM on Raspberry Pi's.
👋 infra sec blue team lead for a large tech company
Hey there, DFIR consultant here. Started in the security world as a pentester and after enjoying some intrusion investigations that came to my lap, decided to try the blue side, done a malware analysis course and I am now working as a forensic specialist. Been enjoying the work so far, but get the imposter syndrome sometimes since i don't have a forensic certification, only security experience.
Open source developer, white middle-aged dude. I have too many hobbies. I'm trying to see if Lemmy makes sense for me and wasn't sure which server to choose (I know, completely unusual story), so I picked this one as I hang out with InfoSec people a lot :)
Heya!
I am currently in a consultancy role, mostly doing penetration tests, but as everyone knows, "A pentest report without a way to fix findings is just a show-off document." Been doing this for close to 3 years. Before that, I spent a year as a SOC analyst for a global corporation, and before that I was a teacher. My hobbies include lockpicking, all ways to get where I'm not supposed to, and privacy.
Hope to learn a lot of valuable stuff here, and if I know an answer, I'll happily share!
Salutations! I work in DFIR, have for the past couple of years. Before that I worked in IT - Systems Administration for a long time.
Hi all! Couple of decades in IT, from helpdesk up to both Senior Consultant as well as IT Director. I really enjoy both the technical aspects of the job as well as developing junior employees and have wandered back and forth between both types of roles.
I read once a long time ago (Might have been one of Tay's threads?) that operational excellence was 90% of security, and really took that to heart. My clients and employers have generally been SMBs, so real security wins have often been stuff like "Hey what if the computers had passwords on them?" or "We're no longer keeping everyone's passwords in a big Excel sheet", but over time those have added to to some decent defense. I'm always looking to grow beyond the basics, and hope that this community can be part of that journey!
Hi, security consultant and service developer focusing on OT and DFIR. Working for an international consulting firm, based in Europe. Originally a chemical engineer. Big fan of knowledge sharing!
IR dude with ~10 years experience across different infosec disciplines. Currently working toward making the jump to offsec/pen testing. Privacy advocate. Trying out Lemmy because of Reddit's 3rd party API shenanigans.
Hey all! I've been in infosec for about 20 years, did some red teaming but have really found the fight in defense. I currently work in the public sector, did some threat hunting and am now specializing in post-compromise remediation and countermeasures.
👋 infosec newb here, 8 years in HVAC/R > 6 months in HD at MSP > ~8 months as SOC Analyst at MSSP.
In professional IT since '06, but I've been playing with (and fixing) computers since playing with my dad's Timex Sinclair at the age of two. I'm a generalist who focuses mainly in OSes and automation, but I've had experience working in databases, mainframe performance tuning, security, cloud infrastructure, pretty much anything but web front-ends outside of tweaking a really basic Livejournal page's HTML. 😂
I've gotten as high as a domain and solutions architect; my three domains were Servers (Linux), Security, and Automation/SOA/DevOps (yes, I was a DevOps Architect, as much of an antipattern as that is... I didn't make the titles! 😅). Currently looking for a new SRE/DevOps/DevSecOps gig after getting let go during some layoffs recently.
As far as InfoSec is concerned, I take a very strong "Security is everyone's responsibility" approach, since it's us humans against the machines and "bad guys." Even a newbie can pull a Cliff Stoll and say, "Huh, that's funny." We need to band together in community, so I'm hopeful this will be a net-positive.
DFIR consultant in the US. Software developer / coder. Ham radio operator. Veteran. Former law enforcement. Laserkittens! Block chain tacos! Cyber cyber cyber...!
DFIR Consultant. Been doing this for a number of years now. Background in all aspects of IT starting from Help Desk to SysAdmin, Infra, and then as cybersecurity. Now trying to help anyone who needs it either on the DFIR side or mentoring anyone with an interest in cybersecurity.
Fellow grey beard here 90's edition, made it up to CTO with CISO responsibilities added on a dotted line to finance and legal so I scurried back down to a comfy Blue Team / Threat Hunt / Investigative role after some years teaching, mentoring, and consulting. My hobbies include horticulture, Krav Maga, as well as network and systems engineering - constantly building something.
I recently took some time off from the world to rehabilitate post spinal surgery which is where Krav Maga came into my life. I needed a way to retrain my muscles and muscle memory. Now I'm a few stone lighter, row for around 15 min to start my day, and dance and practice Krav while jogging in the evening.
Jack of all for a small multinational, infra, chasing alerts, compliance and other this and thats as well as providing all things IT for a couple of small, actual, non-profits, also like to drive fast with #'s on and disappear into the bush with the kids as often as possible.
Nothing special, just a backend dev with a jack of all trades approach.
I've been lead over Incident Response where I work for a few years now, IT security since 2019. I've been in IT for close to 20 years now and my first security related experiences were cleaning viruses off of W2K pc's using the Sysinternal suite. I had at least one antivirus company support tech chastise me over the phone for cleaning up a virus that their software didn't catch. It's been downhill ever since.
This is a test
Late to the party.
20+ IT civilian, then DOD, soon civilian again.
Experience in general IT, Storage, VMware, DISA STIGs, etc.
Computers since 1980, programming, games, and now for almost 18 years incident response/investigation of computer crimes.
I am retired LEO, that now works for a security company (easy to figure out, not many folks named Vern) doing DFIR work in the OT space, including Incident Response Plan development and Tabletop Exercise design and execution. I taught DFIR at the college level for over a decade, but am on a break from that.
I went into management/leadership, but I stepped back to individual contributor about 15 years ago and it was the right choice for me. I love the zeros and ones, solving puzzles, and helping folks that are in a crisis.