Mar 27, 2022
Posted in blog, certification, Featured, forensics, Information Security
Recently, I challenged the GIAC/SANS GCTI exam. And I am excited to say I passed and have obtained the GCTI certificate!!!
The concepts for this course were much newer to me. Threat modelling, researching, and building a threat intelligence tech stack was amazing to learn. Usually, a threat intel program is conducted with very established and mature security programs. So, this is an area I have not seen too many people often get into. However, Threat Intel programs are slowly becoming more common. and knowing your adversary, as well as keeping track of an adversary that could potentially be targeting you is an awesome skill set to accomplish.
FOR578: Cyber Threat Intelligence class
I had taken the full course on threat intelligence. If you want to read my review of it check this blog post out –> https://www.stealthbay.com/a-review-of-for578-cyber-threat-intelligence/
Prepping for the exam
I highly advise everyone take the FOR578: Cyber Threat Intelligence course. You can get more details from here: https://www.sans.org/cyber-security-courses/cyber-threat-intelligence/
The course will prepare you for the exam and cover topics and tools that you will be tested on. There is a lot of material to learn in the course. So, dedicate a good amount of time towards learning the course material and all the concepts. The class was a huge learning experience in the world of Threat Intelligence.
After you take the course try going back to each book and building your index. After this, it is a good time to use up practice exam 1 and see how you fair in it. Use the section at the end, which lists out which sections you were weak in and go study them some more. Take practice exam 2 and hopefully this time you see an improvement. If so, then book your final exam within the next 2-5 days and go for it. This format always has worked well for me.
Making an Index
Read More Of ThiS Post
Dec 16, 2019
Posted in blog, Featured, Information Security
I’m proud to announce that I have now obtained my SANS – GIAC GCIH certification. It was a long process, and I pushed myself to get it done before the start of the New Year – 2020.
New SANS GIAC changes to exams
One thing that was particularly new
for me compared to the other 2 SANS exams I’ve done was the lab questions. SANS
with GIAC now has added a section that tests your knowledge through a virtual
lab. Now, I have to say I think it’s actually pretty awesome! It puts your real
world skills to the test to see if you can actually can apply needed practical
skills. It also gives companies assurance that their employees are also getting
and being tested on real hands on work and not just theory based topics.
Read more Of This Post
Apr 25, 2018
Posted in blog, Featured, Information Security, pen testing
SANS 542 – Winning the CTF Event
I just finished taking the SANS 542 vLive class on Web Application Penetration testing. During the last week (week 6) of the course, we have a CTF (Capture The Flag) event, where you team up with other classmates to exploit systems in a special SANS virtualized environment.
In our event, it started off being a bit unfair where the team I was on had 1 other person with me. While, the team on the other end had 4 members, so it was a 4 vs. 2 battle for most of the CTF. SANS has a similar environment as to one you would see at SANS Netwars. There is an area to create a team name, see your team rank and scores, as well as questions that are asked to you.
In the event our team thepentestninjas won the event leading the other team by over 100 points. We compromised all of the servers on the network, and completed the Level 3 mark. We however, got the very last system with 1 minute to spare.
SANS now has started a new program where they give out special SANS coins to winners of these types of events.
What is a SANS Pentest Coin?
(more…)
Mar 3, 2018
Posted in blog, Featured, Information Security
Passing The GSEC Exam
So, I’ve officially nailed down another Information Security certificate. And, this time a certificate from the SANS Institute with their GIAC- GSEC certificate. I thought I’d make a post for other people that plan to challenge the exam, and share my own personal experience through it all.
Is it Right For Me ?
The big question would be why are you thinking of obtaining this certificate? Does your work require it? Are you new to the information security field and want a better foothold into the industry? Do you wish to gain more knowledge and/or a higher quality of training? If it’s any of those reasons apply to you, then I would definitely point you towards getting your GSEC certificate.
Preparing For The Exam
So some may ask how they can best prepare for the exam? (more…)
Jan 12, 2017
Posted in Encryption, Quick Tips, Reviews, Tools
SSL Scanning Websites
So today, I came across a website that does a quick SSL test on your website.
Anyone with a website should really be running this tool. I actually did find a few minor issues and was able to gather some info about it.
Our Results
Here is what we got for our results:
whynopadlock
It’s looking good for us and especially since we have forced all our internal links to make use of HTTPS
I also wanted to list a bad result as shown below.
(more…)
My name is Harry Taheem
I am a Cyber Security Engineer.
My aim is to post things I learn or find interesting and allow others to hopefully gain some more insight. I also plan on posting general IT related issues, as I’d like 
