AMA with Jake Williams

Catch up with Jake Williams (@MalwareJake) as he answers tough questions from the audience. Here are some of the questions asked:

  • What do you expect the daily/weekly responsibilities of a threat intelligence analyst to include?
  • If there is a dearth of EDR capabilities and SIEM, what are the top 1 or 2 things we can do to hunt for internal threats?
  • What are the latest threats/trends that you are most worried about for the industry as a whole?
  • What is your motivation for doing what you do?
  • Would you please recommend resources for someone starting their threat hunting journey?
  • Having seen what you've seen, what surprises you most about cybersecurity today?
  • I have been a member and a lead of a Blue team for the past 5 years. What should be my next career path?
  • Is it possible for someone to get into the digital forensics field without already being in law enforcement?
  • Should we forget about SSL decryption for monitoring user/server traffic outbound to the Internet?
  • Threats are hard to condense & communicate to senior management. What is an effective way to relay a threat landscape (both internal/external threats) to them?

The list of recommended books for anyone interested in red teaming:

  • The Hacker Playbook series
  • Tribe of Hackers
  • Secrets of a Super Hacker (recommended by audience member)