One of the major reasons on why I chose to take SEC530 is due to the class syllabus. A big item that stood out to me was learning more about implementing Zero Trust and an Insider Threat program. The course has a whole day dedicated to just those topics alone. Being in a Security Engineering role, this course is a great way to understand how to assess your current defenses within your organization. But, also allows you to plan ahead for future controls that may need to be built out over time.
If you’ve got an extensive amount of experience already working within the cyber security world. Then, some of the defenses may be items that you have already worked on or have some exposure on. For me personally, a lot of the materials from Day 1-3 were concepts and practical work that I have already experienced. However, Day 4-5 were excellent in learning new topics/ideas that will at least for me lead to fun future projects.
I took the vLive course option, which in my case was also taking place in person. So, it was a hybrid class with students in person, as well as students (such as me) taking it remotely for the week.
Day 1
The start to the course will go over many basic concepts related to best practices for physical and network security. You’ll get to play with the MITRE Framework, and understand the cyber kill chain. There is a good chunk of time dedicated to learning about various types of NetFlow data (on prem networking devices, cloud, endpoint). It’s a great start to the course to warm you up to the good stuff!
So, just before the end of a remarkably interesting and odd 2020 year. I decided to go ahead and take the FOR 508 class on Advanced Incident Response, Threat Hunting, and Digital Forensics. I felt this was a course that could really benefit security practitioners for understanding best practices & methods related to IR. As well as, learning new techniques for threat hunting in a large enterprise environment. I decided to put up a post listing our what you can plan to learn from this course should you decide to take it.
Winning the Coin
One of the coolest parts of the class is Day 6 (more details listed later). You get a chance to join into teams and compete in a class APT Threat group challenge. The team that wins the CTF gets an award in the sign of a special course specific SANS Coin. On top of that, SANS will add your name to the Community DFIR Coin holders list! It is a great achievement, and I have to say the challenge was very realistic and fun to tackle.
So, I found my first official Drupal Vulnerability with Drupal Core. You can read more about it officially on Drupal’s website here –> https://www.drupal.org/SA-CORE-2016-001
For those that don’t know much about Drupal it is a Content Management System similar to WordPress and Joomla.
During my time conducting a security assessment and audit on Drupal, I found an issue. This particular vulnerability was found many months back. I had decided to hold off on publishing anything about it so it would give many Drupal users time to mitigate the issue.
Passing the CISA exam – Certified Information Systems Auditor
So I though it would be interesting to post up a blog post about my experience challenging the the CISA exam last year in 2016.
I had started this blog a bit afterwards, and never really thought about posting my experience. But, many others have always asked about my experience taking the CISA exam ,and if there were any tips I could give them to better their chances of passing the exam. My hope is this post helps those that end up reading this and gives them a better insight on the adventure of obtaining the ISACA CISA certificate.
A question I often get asked by a lot of mobile users is regarding how they can secure “harden” their mobile devices. What can they do to add some layers of protection to secure their mobile devices?
There aren’t a whole lot of software tools that are out there which actually harden mobile devices. And, it’s a bit unfortunate that mobile security has a lower priority these days.
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like StealthBay to be a place where IT users can find some form of knowledge and education. And, hopefully I can learn a few new things from other users as well who also wish to share their own experiences and knowledge.
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
