SECTION 9 Cyber Security

SECTION 9 Cyber Security


Latest Episodes

Azure AD FS and Operational Issues - 132
October 21, 2019

We’re looking into new technology like Azure AD FS. Before we can start new projects, we need to get the operational side of things in order. We’ve done a good job of clearly defining a patch management process. It’s time to work on change, incident and p

Security Solutions & Process - 131
October 07, 2019

Are fancy security solutions like Palo Alto firewalls, ExtraHop or LogRhythm going to keep you secure? By them selves, no. It doesn’t matter what the vendor says. There’s no such thing as a security solution that magically saves the day. A good solid secu

Streamlining Operations - 130
September 24, 2019

How do we do section 9 projects, keep systems running, and record a weekly podcast while having full time jobs? We need the right combination of tools and process.

They Convinced Me To Take The Job - 129
September 23, 2019

Time to talk about the new job. Can’t say much yet. I start this coming Tuesday. I can say that what they offered was too good to believe. They want to do the things we talk about on the show. Proper planning, management, documentation. They even talked a

Secure Configurations With CIS Benchmarks - 128
September 16, 2019

Time to start securing systems and software. To do that, we’re using the CIS benchmarks. These are configuration guides for things like Windows 10 and BIND 9. The two things we’re focusing on. We have to start somewhere.

How are we doing? - 127
September 09, 2019

Are we going in the right direction? Are we doing the things we said we would? Time for a quick review. Overall, we’re doing pretty good. There are a few things we need to work on. That’s okay. Now’s the time to figure that out. We still have a long way t

What do you do when you find a vulnerability? - 126
September 02, 2019

We found a couple of vulnerabilities during our weekly patch review. According to Automox, we needed to update Google Chrome and Microsoft’s .NET framework. This lead to a discussion about patching early. Don’t panic. Make a plan before you do anything. P

Is our network connected power strip a security issue? - 125
August 26, 2019

We’ve got a Synaccess network connected power strip. Devices like this aren’t built with security in mind. Is this device a security issue? Should we be concerned? Could a hacker access this device?

124 - We’re Focusing on Risk Assessments
August 19, 2019

We have business & tech issues to deal with. On the business side, we have some basics to take care of. It’s part of doing business. On the tech side, we’ve decided to focus on Risk Assessments. We’re conducting two kinds. A quick critical controls assess

123 - Using Our Simple Patch Management Process
August 12, 2019

It’s official! We can say we’ve double checked our patch process. It’s quick and easy. We still have to double check our 3rd party apps. We’re hoping to start that process before the end of the month. Remember, patching is one of the most important thin