issues
Lesson 2 - Least PrivilegeNo one should have administrative access. All elevated access should be checked out when you need it and checked back in (automatically if possible). Just like UAC. MFA should be required, proximity or push based. And every use of a …
Lesson 1 - YOU could be “Legacy”Stop thinking that just because it did or didn’t work X way when you learned it, it still does or doesn’t. That could be 20 years ago. Technology changes faster than you do.
Today (May 2nd) I keynoted @BSidesVancouver. It was an honor to be asked and I had a great time. Conference Link: https://hopin.com/events/bsides-vancouver-2022/I talked about 11 lessons learned over my career that contradict some of the edicts that are well …
This newsletter is an effort to help organizations make better decisions about security related topics through distilling the snake-oil, advertising, and self interest into actionable data.