Catch up with Jake Williams (@MalwareJake) as he answers tough questions from the audience. Here are some of the questions asked:
- What do you expect the daily/weekly responsibilities of a threat intelligence analyst to include?
- If there is a dearth of EDR capabilities and SIEM, what are the top 1 or 2 things we can do to hunt for internal threats?
- What are the latest threats/trends that you are most worried about for the industry as a whole?
- What is your motivation for doing what you do?
- Would you please recommend resources for someone starting their threat hunting journey?
- Having seen what you've seen, what surprises you most about cybersecurity today?
- I have been a member and a lead of a Blue team for the past 5 years. What should be my next career path?
- Is it possible for someone to get into the digital forensics field without already being in law enforcement?
- Should we forget about SSL decryption for monitoring user/server traffic outbound to the Internet?
- Threats are hard to condense & communicate to senior management. What is an effective way to relay a threat landscape (both internal/external threats) to them?
The list of recommended books for anyone interested in red teaming:
- The Hacker Playbook series
- Tribe of Hackers
- Secrets of a Super Hacker (recommended by audience member)