About
Posts and reposts, Articles, etc here on LinkedIn are my own opinions and thoughts and do…
Articles by Jesse
Activity
-
Celebrating the Women Who Secure Our World – A Tribute on International Women’s Day Tomorrow marks International Women’s Day, but why wait to…
Liked by Jesse Moore, MSc
-
#SCCM forest discovery accounts can be decrypted—even those for untrusted forests. If the site server is a managed client, all credentials can be…
Liked by Jesse Moore, MSc
-
Greetings Bsides community! Are you ready for two days filled with amazing security content? Check out the schedule of talks for this year’s…
Liked by Jesse Moore, MSc
Experience
Education
-
Educational Growth 2021
-
Books:
Six-Word Lessons to Think like a Modern-Day CIO
Captivate by Vanessa Van Edwards
Hit Refresh by Satya Nadella
Dignity
Management/Leadership:
Manager Tools Training -Effective Manager Video Course
People School Training by Vanessa Edwards: https://www.scienceofpeople.com/
Work with Dan on Change Management: https://hr.uw.edu/pod/consultant/dan-oestreich/
BlackHills Information Security Training:
Enterprise Attacker Emulation and C2 Implant Development
Securing the Cloud: Foundations by Andrew Krug
Creator of CyberOffense workshop for UW
Volunteer WRCCDC Ops Team (21:50 mins into video): https://bit.ly/2021-WRCCDC
CyberForce DOE trained Blue w/Red
Rapid7:
Velociraptor
SPEAKING (about THREAT) at Conferences:
Washington State Higher Education: Building Bridges Tech
UW Tech Connect: https://www.washington.edu/techconnect/conference/sessions/#windows
NWACC: http://www.nwacc.org/
WATech: https://bit.ly/WATechThreat
MSFT HiEd: https://bit.ly/2021-MSFT-HED
Wild West Hackin Fest -
-
Activities and Societies: Cybersecurity Club
This included CISSP book and domain coverage
-
-
Activities and Societies:
Books:
The Effective Executive by Peter Drucker
Effective Manager by Mark Horstman
The Advantage by Patrick Lencioni
The Culture Code by Daniel Coyle
Participated (Team Lead) on remote Red Team at ALCCDC
Hack The Box Training
Malware Development (https://institute.sektor7.net)
Autopsy Forensics (8Hours)
Offensive Tradecraft -Breaching the Cloud Perimeter (BlackHills InfoSec -4 hours)
Applied Purple Teaming (BlackHills InfoSec -4 hours)
Educause Security Conference
Educause "New IT Managers Program"
SANS Core-Netwars participant
Foundations of Operationalizing MITRE ATT&CK
Wild West Hackin' Fest (WWHF) - Conference & Workshops
Contribute to Atomic Red Team Github
The Emotionally Healthy Leader -Peter Scazzero
Presented @ UW on How to Install and Run Atomic Red Team
WRCCDC OpsTeam member building Infra for competitions
Red Team Lead at Department of Energy CyberForce Competition (Scenario: Windfarm) for PNNL
Hosted Secure GPO workshop at UW multiple times in the year -
-
SANS Seattle MGMT514 -Only info from GIAC Security Leadership (GSLC)
Books:
The Fearless Organization
5 Dysfunctions of a Team
Offensive Countermeasures -Art of Active Defense
Develop Yourself for Professional Success by enhancing EQ
Gallup development
The Ethics Law and the U
Writing Job Descriptions and Job Postings to Recruit Diverse Staff
Seeking Cultural Consciousness and Competence in Hiring
Hack The Box Training
Virtual Hacking Labs -Penetration Testing
Present Adversary Tactics for CSE Group at UW
Seattle Bsides Volunteer
Participated on the Red Team for the Pacific Rim Collegiate Cyber Defense Competition
Develop and run a Windows Secure GPO Workshop at University of Washington (UW)
Presentation on Assume Breach/Log Detection at UW
Participated on the Red Team for the International Collegiate Cyber Defense Invitational (ICCDI).
Participated on Red Team for Department Of Energy CyberForce Competition
Udemy Linux Privilege Escalation by Tib3rius -
-
Red Team PRCCDC
Actively contributing to PRCCDC Red Team GitHub with sample paths to compromise.
SpecterOps: Adversary Tactics - Red Team Operations Training Course
Attend Bsides Redmond, WA @Microsoft.
SANS SEC560: Network Penetration Testing and Ethical Hacking
CTIN 2018 2nd Quarter Training
The Hacker Playbook 3: Reading and engaging in labs
MeetUp -I presented Adversary Tactics, secure configs,and Logs Oh My!
https://www.slideshare.net/jessefmoore/adversary-tactics-config-mgmtamplogsohmy
UW Tacoma Presentation for Security Awareness around Adversary Attacks and how to detect.
University of Washington Seattle Campus Talks on Adversary Tactics and Detection!
UW Bothell Presentation on Security Awareness
RedVsBlue ExtraHop Workshop (on Red Team) https://bit.ly/ExtraHopRedVsBlue
Pentester Academy Courses -
-
Started: February 2017
Completed: April 2018 -
-
Guidance Software:
EnCase Host Intrusion Methodology and Investigation DF370
Advance Analysis of Windows Artifacts DF320
Macintosh Examinations DF420
Attend CTF:
Highline College: PRCCDC (Pacific Rim Collegiate Cyber Defense Competition) on Red Team
https://www.prccdc.org/
Attend Bsides Redmond, WA @Microsoft.
Attend CTIN (Digital Forensics) Conference @ Microsoft:
Red vs Blue by Russ McRee
Windows Hyper-v VM Forensics by Troy Larson
Ransomware Prevention and Response by Sherri Davidoff
Attend DEFCON 25:
UAC Zero day, ALL Day by B33f
Powershell for Red Team by Carlos Perez
Azure CheckPoint BootCamp 8/24/2017
CheckPoint Infinity R80 training
Tenable:
Security Center 5.3 Scanning and Analysis (2days)
Security Center Pro Service (2 day)
Nessus Certificate of Proficiency
BlackLight training
SANS Training: FOR508
NetWars (Forensic): 7th place, Level 4, 8 Hints, Score 632
RSA IR Training (October)
EndGame Workshop ATT&CK
Panel Member: http://infosec.edcc.edu/CyberSecCareers.pdf -
-
Rapid7:
NeXpose Certified Administrator
NeXpose Advance Certified Administrator:
Completion of Nexpose Advanced Certified Administrator course includes these skills:
Basic understanding of Database Management Systems (DBMS)
Basic understanding of Structured Query Language (SQL)
Basic understanding of programming/scripting logic and concepts
Prior experience writing scripts, helpful (preferably PowerShell)
Metasploit Pro Certified Specialist
Guidance Software:
EnCase CyberSecurity and Analytics v5
Customizing EnCase Analytics
Navigating EnCase
IR250 Incident Investigation
EnCase® v7 Advanced Internet Examinations
EnCase v7 Computer Forensics I
EnCase v7 Computer Forensics II
Cisco Academy: Cisco I
Ransomware Roadshow 101 Workshop Sept. -FBI/Secret Service
Intel-Security SIEM 101, and custom pro services training.
McAfee IPS training by pro services.
-
-
IT Training 2015
HP BladeSystem Administration Certificate (3 day course, February 2015)
Cybrary.IT Certificate:
Penetration Testing and Ethical Hacking (04/22/2015) CEU/CPE: 20
Emerging Trends in Threat Intel; awarded 1 CEU/CPE for attending Cybrary’s Live Classroom Granted: 06/04/2015.
AWR-178 Secure Software Certificate (May 23rd 2015).
VTE Online Training (Department of Homeland Security)- CompTIA Security + (SY-401) Prep - 19 hours (September 26, 2015)
10/27/2015 - National Cyber League (NCL)
October/November 2015 -NSA CyberSprint 1/2 Competition and was invited to work at NSA.
AWR-177 Information Risk Management (11/01/2015).
IT Events:
HTCIA "Safe Computing in the Digital Age" Symposium March 28th 2015
AFCOM Conference Seattle May 12th 2015.
CSFA Study Session @ student chapter HTCIA. I presented techniques and tips May 17th 2015. -
-
Activities and Societies: HTCIA. Edmonds Community College has been designated a National Center of Academic Excellence (CAE) in Cyber Defense Education by the National Security Agency (NSA) and Department of Homeland Security (DHS).
Advisory Board for Computer Info Systems
-
-
Activities and Societies: HTCIA
-
-
IT Training and Events 2014
Edmonds Community College - Digital Forensics Fundamentals taught by Steve Hailey. .7 CEU 6/21/2014
Hakin9 IT Security Magazine -Hakin9's Hack the Box Series, workshop. 6/30/2014
LISA14 Conference -Seattle, November 2014.
Texas A&M Engineering Extension Service in cooperation with the Department of Homeland Security:
AWR138 - Network Assurance
AWR139 - Digital Forensics Basics
AWR168 - Cyber Law and White Collar Crime
AWR175 - Information Security for Everyone
AWR176 - Business Information Continuity
AWR-169 - Cyber Incident Analysis and Response (11/30/2014) -
-
Activities and Societies: Honor Society
Graduation honor:
Magna Cum Laude -
-
Nintendo provided Linux Admin courses in prep of new role/responsibilities.
-
-
University Research Involved in:
Cyber Threat Intelligence Sharing
Insider Threat in Higher Education by Mitre
IoT: https://sites.google.com/uw.edu/ctop-iot-collaboration/help-us-improve-iot-security/expert-interviews
My Presentation at CyberForce Atomic Red Team training: https://www.youtube.com/watch?v=fapsL4kMxho -
-
Activities and Societies:
Guest Speaker: UW INFO415 NWACC Conference on Misconfigs in AD
Books: From Start-Up to Grown-Up by Alisha Cohn; The Compound Effect by Darren Hardy; Principles by Ray Dalio
Workshops: Detecting Adversarial Tradecrafts and Techniques via ETW Empire Operations 1
Other training: Cyber Deception Enterprise Attack Initial Access Steve Borosh
Conference: WildWest HackinFest Way West -Defending the Enterprise Wildwest HackinFest Deadwood
Licenses & Certifications
Volunteer Experience
-
YearUp Mentor
Year Up
- 1 year 1 month
Poverty Alleviation
Helping close the Opportunity Divide and open new doors for young people.
-
Computer Info System Advisory Committee Member
Edmonds Community College
- 4 years 2 months
Education
CIS Student Member looking at things from a student's perspective to help teachers make sure they are meeting students' needs in the classroom and through courses.
HTTPS://www.edcc.edu/advisory/activities.html -
Adversary Red Team Lead | Operator
National Collegiate Cyber Defense Competition
- 3 years 9 months
Education
Highline College: PRCCDC (Pacific Rim Collegiate Cyber Defense Competition) on Red Team
https://www.prccdc.org/
https://www.nationalccdc.org/
ALCCDC
VCCDC -
Operations Team Member
WRCCDC
- Present 4 years 5 months
Science and Technology
WRCCDC Awards Ceremony and Debrief 2021: https://www.youtube.com/watch?v=d1yhRJ5bdzw&t=6s
-
Adversary Team Lead & Core dev
U.S. Department of Energy (DOE)
- Present 6 years 5 months
Education
https://cyberforcecompetition.com/
Projects
-
University Capstone Sponsor/Developer
Develop 4 Capstones for 4 groups of 3 Master's Level Students.
1. Threat Hunting Project using Kansa on Windows
2. Deception Project using Canaries to detect Malicious activity
3. Network Monitoring and detecting Malicious traffic West to East.
4. Compromise Hunting to find bad configurations on systems along with Malware, and other malicious artifacts. -
"OWASP Top 10" Penetration Testing.
The OWASP Top 10 covers the most critical web application security flaws. Many organizations use this document as a guide to help protect their web applications from the most critical security flaws.
Each category covers numerous types of attacks. To complete this part of the capstone project, you need to provide details on at least two attacks from each of the Top 10 categories. -
System Hacking
Capstone Project - System Hacking
Complete the De‐Ice disk 1.100 challenge:
The goal of this challenge is to find, access, and decrypt salary_dec2003.csv.enc
on the De‐Ice (Linux) system and then report the salary information in it. To achieve this
goal, you will do some reconnaissance and find account information, escalate
privileges of multiple accounts to gain root access, and then find, access, and
decrypt the salary file, so that you can provide a report on the information -
2024 PRCCDC architect
-
Build machines and environment for students, industry professionals and WA National Guard Army to support.
https://www.dvidshub.net/news/467401/guard-members-assist-with-collegiate-cyber-defense-competition -
Encase Forensics Hunt Acquire/Implement Scale across organization
-
-
Tenable.io Acquire/Implement over 300 departments
-
-
Defender techniques, tactics, and processes to harden infrastructures.
-
BloodHound, SCCM, WSUS, PowerShell, Audit controls, Sysmon, Threat Intel, CIRCL Malware Information Sharing Platform (MISP), CIS Benchmarks, Log-MD, Shodan, Kibana, etc.
-
Forensics Continuous Monitoring
-
Implement various pro-active/continuous monitoring in Enterprise environment.
-
Intrusion Prevention System (IPS)
-
Move away from Legacy and Implement new IPS
-
Malware Analysis program
-
Develop process/procedure around Malware Analysis program
-
Security Incident Event Monitoring (SIEM)
-
Move off of Legacy SIEM and implement new SIEM technology.
-
Vulnerability Management Program
-
Develop and implement VMP from policy/standards/procedures/guidelines to implement technology to mitigate and control and reduce RISK in Enterprise. Web Assessments, Pentesting/ATT&CK, Security Awareness, Threat Intelligence, defender tech controls, Malware defense, Digital Forensics, SIEM, Phishing, HIPAA, PCI, FISMA, Vulnerability scanning and remediation.
Honors & Awards
-
Red Team C2 and Blue Team Detections
Pen Testing Magazine
Published an Article to PenTest Magazine:
https://pentestmag.com/download/pentest-red-team-blue-team-scenarios-tutorials-and-case-studies/ -
BugCrowd- Forensic Artifact Research Program
Bugcrowd
Submitted and awarded for Guidance Software Forensic artifact research.
-
NSACyber Sprint 2015
-
The National Security Agency would like to thank you for participating in the 2015 NSA CyberSprint Competition. We were impressed with your work. By getting this far in the competition, you've proven you have the skills NSA is looking for in its technical professionals. If you want your career to result in something that could change the future for the better, please consider applying at NSA, where we do extraordinary work for an extraordinary cause: the safety and security of the United States.
Organizations
-
MS-ISAC
Member
- Present
The MS-ISAC is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, tribal and territorial (SLTT) governments. The MS-ISAC 24x7 cybersecurity operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification, and mitigation and incident response.
-
REN-ISAC
Member
- Present
The REN-ISAC mission is to aid and promote cybersecurity operational protection and response within the research and higher education (R&E) communities. The mission is conducted through private information sharing within a community of trusted representatives at member organizations, and as a computer security incident response team (CSIRT) supporting the R&E community at-large. REN-ISAC serves as R&E's trusted partner in commercial, governmental and private information sharing relationships, in the formal U.S. ISAC community, and for served networks.
-
Homeland Security Info Network (HSIN)
-
- Present -
SANS -DFIR
-
- Present
Digital Forensic & Incident Response
-
High Tech Crime Consortium (HTCC)
Member
- Present -
South Sound Hackers SSH
Member
- Present
SSH is dedicated to providing education and resources for IT Security professionals. Mission is to enable Security professionals to share industry best practices and unique real-world examples by providing a forum for dissemination of critical information; to provide education on key Security issues; and to be an effective resource available to Seattle's IT Security community.
-
Computer Technology Investigators Network (CTIN)
CTIN Member
-CTIN has been providing high tech crime fighting training since 1996 in the areas of high-tech security, investigation, and prosecution of high-tech crimes for both private and public sector security and investigative personnel and prosecutors.
-
Agora Seattle
-
-NOT FOR PUBLIC DISSEMINATION
-
High Technology Crime Investigation Association (HTCIA)
Member
- -
League of Professional System Administrators (LOPSA)
Member
-
Recommendations received
16 people have recommended Jesse