Smash The Van – Paul’s Security Weekly #577

This week, Paul interviews Mike Nichols of Endgame, Keith McCammon of Red Canary, and Shawn Smith of Panhandle Educators Federal Credit Union! Carlos Perez delivers the Technical Segment on How to Operate Offensively Against Sysmon, and the crew will wrap the show with the Security News!

Full Show Notes: https://wiki.securityweekly.com/Episode577

Visit https://www.securityweekly.com/psw for all the latest episodes!

Segments

1. Mike Nichols, Keith McCammon, & Shawn Smith

Mike Nichols is the VP of Product Management at Endgame, and he manages the Endgame endpoint protection platform. Keith McCammon is the Chief Security Officer and Co-Founder of Red Canary, and he runs Red Canary’s Security Operation Center. Shawn Smith is the IT Security Manager at Panhandle Educators Federal Credit Union.

They discuss the problems Shawn had that led him to choose Red Canary and Endgame as his solution, skill shortages in vendors, what he did to convince his management to approve of this solution, and what his process for testing the effectiveness of these solutions was.

Hosts

Paul Asadoorian: Founder at Security Weekly
Carlos Perez: Principal Consultant, Team Lead for Research at TrustedSec
Jason Wood: Founder; Primary Consultant at Paladin Security
Joff Thyer: Security Analyst at Black Hills Information Security

2. Offensive Operating Against Sysmon, Carlos Perez

Carlos Perez delivers the Technical Segment on How to Operate Offensively Against Sysmon. He talks about how Sysmon allows him to create rules and track specific types of tradecraft around process creation and process termination. He dives into network connections, driver loading, image loading, creation of remote threads, and more!


3. Linux Bugs, macOS Zero-Day, & Twitter Exposed

In the security news: Russian hackers use malware that can survive OS reinstalls; Facebook’s 2-factor authentication with a phone number isn’t only for security, it’s used for ads; the FBI warns companies about hackers increasingly abusing RDP connections; an NSA employee who brought hacking tools home is sentenced to 66 months in prison; a new Linux kernel bug affects Red Hat, CentOS, and Debian distributions; baddies just need one email account with clout to unleash phishing hell; and more!

