AMA with Jake Williams

Catch-up with Jake Williams (@MalwareJake) as he answers tough questions from the audience. Here are some of the questions asked:

• What do you expect the daily/weekly responsibilities of a threat intelligence analyst to include?
• If there is a dearth of EDR capabilities and SIEM, what are the top 1 or 2 things we can do to hunt for internal threats?
• What are the latest threats/trends that you are most worried about for the industry as a whole?
• What is your motivation for doing what you do?
• Would you please recommend resources for someone starting their threat hunting journey?
• Having seen what you've seen, what surprises you most about cybersecurity today?
• I am been member and a lead of Blue team from past 5 years. What should be my next career path?
• Is it possible for someone to get into the digital forensics field without already being in law enforcement?
• Should we forget about SSL decryption for monitoring user/server traffic outbound to the Internet?
• Threats are hard to condense & communicate to senior management, what is an effective way to relay a threat landscape (both internal/external threats) to them?

The list of recommended books for anyone interested in red teaming:

• The Hacker Playbook series
• Tribe of Hackers
• Secrets of a Super Hacker (recommended by audience member)

‍