SECTION 9 Cyber Security

SECTION 9 Cyber Security


Latest Episodes

The NIST Cyber Security Framework
April 03, 2023

Time to start looking into cyber security frameworks. For this episode were looking at the the NIST Cyber Security Framework. Were also explaining what a cyber security framework is and how they can help.

Time For a Maintenance Review - 259
March 06, 2023

Time for another maintenance episode where we review our systems and management process. This time were looking at our Digital Ocean servers, Automox patch management, Fortinet Firewalls, and the password manager Bitwarden.

How do you roast a server to death? - 258
January 16, 2023

Almost roasted our VMware server to death. Dont do what I did. Enjoy!

How do we evaluate the LastPass hack for Section 9? - 257
January 09, 2023

LastPass was hacked last year. As LastPass customers we need to evaluate the impact that has on Section 9. Should we continue to use the product? Should we migrate to a different password manager? How do we evaluate a password manager? Consider this the

SANS and BHIS Videos for Hacking - 256
December 11, 2022

Found some really interesting and helpful videos. One walks you through an Active Directory hacking lab. Another talks about default configurations and bad passwords as a way to hack into systems. The last one is about building a home lab. These are jus

The Active Directory Lab - 255
November 21, 2022

Found a video that walks you through the process of setting up an Active Directory Lab for hacking. I wouldnt be able to do this without a starting point.

Using the MITRE ATT&CK Matrix in a lab - 254
November 07, 2022

Last episode was about my crazy study plan, or lack of one. Time to put together a proper study plan. One that works.

A Better Study Plan - 253
October 10, 2022

Last episode was about my crazy study plan, or lack of one. Time to put together a proper study plan. One that works.

Learning All At Once - 252
October 03, 2022

Time to jump into my crazy, unorganized study process. Trying to study or learn the CISSP, pentesting, risk assessments, and keep up with my current certification requirements. Ive also signed up for two Antisyphon classes.

Asset Management Policy - 251
September 05, 2022

Time to create a policy for asset inventory. This will help us define what we need in our asset inventory. It will also help us define what we need in our procedures. The process we use to manage the inventory.