What I’m Thankful for as a Security Practitioner
In the spirit of the season, I thought I would share a few things I am thankful for this year as a security practitioner:
While often not mentioned in many security blogs, family plays a large role in the success of a practitioner. Working in SecOps means long work hours, high stress, and constant tinkering while trying to stay up to date on new technologies and threats. This means home life often takes one for the team in order to support the practitioner. I want to say thank you to my family for helping me be successful this year and all the years prior. Thank you.
My team is often an extension of my own family. The long hours and trial by fire tend to forge the strongest of bonds between teammates. It comes from being in the trenches together and knowing that you can count on them and that they can count on you when in need. From the veterans that mentor junior analysts and handle the big projects, to the junior analysts with a thirst for knowledge and the desire to be the best they can be. Thank you. Also, a good manager and/or mentor is worth their weight in gold-plated memes. I won’t name anyone by name here, but I wouldn’t even be in the security field if it wasn’t for my first mentor, and I wouldn’t still be successful if it weren’t for my last two. Thank you.
The Open Source Community:
I don’t know of many security practitioners without a home lab or a test lab at work to try new things out. Thanks to the open source community and the software they pour their time, sweat, and tears into, we practitioners are able to try new things without breaking the bank. Some of the most popular tools in the industry are open source and get used in enterprise production environments all the time. Things like Bro IDS, SecurityOnion, cuckoo, pfsense, OpenVPN, sysmon, SIFT, and REMnux. These are just a few of the security-specific tools and applications I use every day. I could go into all the others I use daily on my laptop, but the list would be too long. Thank you to all who contribute to the development of these. And to the users of these wonderful technologies, please remember to donate to the projects.
If you’ve read this far, then you’ve probably started thinking about some people you know who helped you along the way that you’ve lost contact with. I suggest taking a few minutes over this long holiday weekend to reach out to them and reconnect. And don’t forget to say thank you for all they’ve done.
And as always, remember my motto: Flag it, Tag it, and Bag it.