Category Archives: Education

Passed the GOSI

As usual, I have a lot on my plate. So I don’t get to blog as much as I’d like. Then again, I haven’t had a cool project to work on for a while. Just going through skilling up on things. Back in March, I mentioned I took the SANS Security 487 course, Open Source (OSINT) Gathering and Analysis. For the last month or so, I’ve been studying for the exam.

So that’s a thing. Second SANS class taken, second GIAC exam passed. I’d share the embedded link, but it gives too much personal information away. So all that is here is the certification badge they provide.

Next up is going to be the Open FAIR certification. I went through the training on my own dime last year, and I’ve been slowly studying for that one since last year. I’m planning to schedule the test for mid-August.

For SANS/GIAC, next on my radar will probably be Sec 504 / GCIH.

After that, I’m still interested in the Python classes. Both Sec 573 Automating Information Security with Python and Sec 537 Practical Open-Source Intelligence (OSINT) Analysis and Automation.

They added a new one for OSINT, and I’m wondering how much overlap with the Automating OSINT by Justin Seitz there is.

I’m also interested in LEG52: Law of Data Security and Investigations and MGT512: Security Leadership Essentials for Managers. Both of those are for personal reasons. But in all the years I’ve been around the industry, I’ve only gotten to go to two SANS classes, so it will probably take a while.

SANS Security 487

I recently took the SANS Security 487, Open-Source Intelligence (OSINT) Gathering and Analysis, course with Micah Hoffman. Now, I need to get started on the associated GIAC Open Source Intelligence (GOSI) exam prep.

When I put my training request in, my manager pointed out I could probably pass the exam without the course. Maybe my manager was right, but I like a good refresher course every once in a while.


Passed the GCTI

I know I haven’t posted much lately. Been busy, don’t have the time to research the cool things I want to, or read the books I want to.

I did recently pass the SANS For578 / GIAC GCTI exam back in June.

So that is a thing. First SANS Class taken, first GIAC exam passed. I’d share the embedded link, but it gives too much personal information away. So all that is here is the picture.

I’m hoping to take the OSINT and Python classes in the not too distant future.

One of the differences between college and real life (bias in speaking)

Last talk I gave, I expected audience participation, because I asked for it. I failed the audience. I know how to improve the talk for next time.

What was my bias that led to me failing the audience? I’m used to participation being part of my grade, and having to participate. Others in classes were the same way. Yes, we had some that barely participated. But usually half the class did.

Because that’s what I was used to in a college class setting, that’s what I expected at a conference talk. The result was I failed my audience with expectations that I shouldn’t have put on them.

CSEC630 Lab 2

Ok. The lab was pretty much what I expected.

Click this Panic button to reset everything. Go look at this pcap in Wireshark. Run this command in cmd.exe (it even walks the student through opening a term window by going to the Start button and typing cmd in the Run box).

Run Snort with the test option on a pre-defined rule set using the pcap you looked at. Modify the same rule multiple times, enabling and disabling an alert each time. Run to see the difference.

Answer these 10 questions.

The last question was how to improve the class… I forgot to say use a Linux VM instead of a Windows VM, since one of my answers did require Grep, which means copy and paste from the VM lab to my box connected to the lab.

Automating OSINT Python Course

A few months ago, a friend and co-worker asked if I had seen Automating OSINT. I hadn’t, so I went and checked it out and ended up signing up for the free webinar. Turns out I had just missed the previous one by a few hours. And had some time to wait before the next one.

I’ve been wanting to expand beyond just bash scripting for most of my career. I tried learning Perl, and then I tried Python. The Google Python class, the MIT Python Class, Learn Python the Hard Way, Think Python, Automate the Boring Stuff with Python, and buying Python courses from Boing Boing. Problem is I never finished any of them. I think because I lose interest, and have other things to do.


UMUC CSEC610

So I completed the first class in University of Maryland University Center’s Cybersecurity program. The class was CSEC610 “Cyberspace and Cybersecurity”. I was extremely disappointed with the class. Full disclosure, I got an A in it. If you’ve followed my academic career, you’ll know I’m used to that grade.

The class felt more like a community college weeder class, if community colleges had those. The content covered in the class was the same I did in a Computer Information Systems program in the late 90s, at a community college before Infosec was a thing.

If you have experience in Infosec, this class will most likely be a waste of time, since it’s an overview class.
