SANS GCIH – Log 5

I PASSED! I literally threw my hands up in the air as the score appeared on the screen. Those practice exams are spot on. From the difficulty to the actual time it took, everything lined up similarly. Probably the best advantage/help I had was the proctor actually offered up a table for all the books that I had. Which, by the way, SANS books take up so much room when you are digging through all of them trying to find the answer you should already know! My index was a definite contributor to my successes, but I still had a … Continue reading SANS GCIH – Log 5

SANS GCIH – Log 4

I took my second practice test a few days ago, and it has taken me quite a bit to get over it. I got a 34%. Not a 90% like I was expecting, but a 34%. I took the practice exam after struggling to hang a light fixture in our house for almost two days (like any good home improvement story, it involved what seemed like 50 trips to Lowes). As I sat down to take the practice test I was frustrated, tired, and pretty disappointed that I wasn’t drinking a beer celebrating converting that stupid light fixture. BUT! I … Continue reading SANS GCIH – Log 4

Vulnerability Management Fatigue

CVEDetails says that there is currently over 14,000 vulnerabilities that have a CVE score of 9.0 or higher. The average CVE score is a 6.6, and the total number of CVE’s is over 103,000. You are responsible for every single one of them. If you’re a small shop, that is in addition to your monitoring load, your incident response load, your asset management load, your policies and procedures load, your documentation load, your event investigation load, your… You get it. The never ending load of infosec.

Continue reading “Vulnerability Management Fatigue”

Incident Readiness

An incident response plan is the cornerstone to preparing for what is coming: an incident (a bit obvious, really). Incidents are those little things that tear businesses up. At it’s core, the Equifax breach was an incident. The Yahoo email scandal was… an incident. The Shadow Broker’s ‘hack’: an incident. Your data center just went down because of an air conditioning malfunction, guess what? Incident! They are everywhere, and cause disruption everywhere they go.

Continue reading “Incident Readiness”