Basic Security Principles/Information

How to Suck at InfoSec

Basic Information

  • Types of Authentication

  • Access control best practices

  • 101

  • Careers in Information Security

    • General
      • NICE Cybersecurity Workforce Framework
        • The NICE Framework, NIST Special Publication 800-181, establishes taxonomy and common lexicon that is to be used to describe all cybersecurity work and workers irrespective of where or for whom the work is performed. The NICE Framework is intended to be applied in the public, private, and academic sectors. (USA Focused)
    • Infosec Tools of the Trade: Getting Your Hands Dirty
      • In this presentation we'll will be going over introductions to the various focuses in information security and demoing the most common tools that are used in operational security, both offense and defense. You'll leave with an idea on how to freely obtain and use these tools so that you can have what you need for that first interview: experience and a passion for security. This is a green talk for people who don't have a clue on what offensive and defensive people do operationally, from a tool perspective.
    • So You Want To Be A H6x0r Getting Started in Cybersecurity Doug White and Russ Beauchemin
    • How to prepare for an infosec interview - Timothy DeBlock
    • Navigating Career Choices in InfoSec - Fernando Montenegro - BSides Detroit2017
      • Making career choices can be intimidating and stressful. Perhaps this presentation can help. The tidal forces affecting technology impact our careers as well. If we're not actively managing them, we're leaving decisions to chance (or to others), and may not like the outcomes. This presentation describes a framework I've used over the past few years to evaluate both ongoing job satisfaction as well as new opportunities as they appear. I'm happy with the outcomes I've obtained with it, and have used this same framework when providing advice to others, and it has been well received. Hopefully it can help others as well.
    • Becoming a Penetration Tester
      • So you think you want to be a penetration tester - Defcon24
        • So, you think you want to be a penetration tester, or you already are and don't understand what the difference between you and all the other "so called" penetration testers out there. Think you know the difference between a Red Team, Penetration Test and a Vulnerability assessment? Know how to write a report your clients will actually read and understand? Can you leverage the strengths of your team mates to get through tough roadblocks, migrate, pivot, pwn and pillage? No? well this talk is probably for you then! We will go through the fascinating, intense and often crazily boring on-site assessment process. Talk about planning and performing Red Teams, how they are different, and why they can be super effective and have some fun along the way. I'll tell you stories that will melt your face, brain and everything in between. Give you the answers to all of your questions you never knew you had, and probably make you question your life choices. By the end of this session you will be ready to take your next steps into the job you've always wanted, or know deep inside that you should probably look for something else. There will be no judgment or shame, only information, laughter and fun.
      • Hold my Red Bull Undergraduate Red Teaming Jonathan Gaines
      • How to become a pentester - Corelan
      • Attacking Big Business
  • General

Tools you should probably know exist