- Dropped v2 of my threat modeling guide with 6 new methodologies:
- Someone referenced by threat modeling guide. Dope.
- I’ve introduced a (curated) “change log” where I list out deltas of site content updates. Moving forward, changes to the site will mostly appear there instead of in the Captains Log.
- I’ve also developed a “statboard” which presents a number of interesting data points about the site.
- A Reddit user in r/cybersecurity asked about boosting professional credibility so I responded and also created my own resource for it - Boosting Your Cyber Clout.
- I wrote up a short piece on “dynamizing” Jekyll, based on what I learned creating my site statboard.
- Dropped a re-review of SEC588 as I re-took the course as a vTA. Spoiler: I liked the course a lot more the second time around.
- Someone on Reddit asked about working in VM so I linked out to my VM guide. In a separate thread, someone asked more specifically about day-to-day responsibilities where I also engaged =).
- Episode 12 is live and 13 should be up soon! My goal is to get back to (an overall average of) 1 episode a month (tracking this via my statboard)
What I’m Learning
- I worked as a vTA for SANS SEC588: Cloud Penetration Testing at SANS Virginia Beach 2022 (Live Online). This run was taught by the course author (Moses Frost) who has definitely made some significant updates to the course since I took it last.
- I also served as an online Moderator for SANS MGT512: Security Leadership Essentials for Managers and was fortunate enough to win the challenge coin for the course!
- Still need to prep for and take the GIAC GSLC certification exam. A September task at this point…
- Playing around with Git Actions for some stuff for the site.
- SANS has apparently killed its advanced web application penetration testing course, SEC642. Moses Frost believed it was due to not having a certification. Wayback Machine pegs the last crawl at March 25, 2021. RIP, I always hoped for a cert for that class.
- Apparently an advanced cloud pentesting course, SEC688 is coming out in the near future (exciting!). Couple that with the flight of SEC565 (w/ that druel-worth challenge coin - omg) and many other new advanced SANS courses, I feel like I’m going to get dragged right back into my old SANS-ey ways…
- I took my first SANS course course was in 2016 (SEC560). Thought it was interesting to see the book aesthetic evolution over time.
- Apple event rumored for 9/7. I’m hoping for new phones (duh), new watch and a new Mac Pro!
- Hak5 has the best hacker christmas gifts - WiFi Coconut.
- Some day I need to pick up some studio monitors for my desk setup. Been considering the Yamaha HS Series.
- Realized I need some closed-back monitor headphones for my podcasting setup to reduce sound bleed while recording. Thinking of picking up the Audio-Technica ATH-M50X or M70X.
- Been considering some other cool audio-engineering gear to up the setup… customizable console gear & RODECaster Pro.
- I really enjoyed the new Doctor Strange movie, Multiverse of Madness.
- Finished binging Brooklyn Nine-Nine.
- Pumped for the upcoming Rogue One prequel, Andor.
- House of the Dragon! Awesome so far.
- Got into some DC universe too… Man of Steel, Batman vs Superman: Dawn of Justice - Ultimate Edition & Zack Snyder’s Justice League.
- The Adam Project was not only a great Sci-Fi movie but also a real heart-tugger as a father…