Hey, you create really valuable and informative content for cybersecurity aspirants like me. We are very fortunate to have you! You are cool! 1) At 07:32 you said that you would leave the powershell command down in the description but I couldn't find it. 2) I am unable to understand the purpose of Atomic Red Team. What's its purpose in this video and what exactly are we trying to achieve by using it? Thanks in advance!
Thanks! The command should be there now - As for the purpose of ART, you use it to generate telemetry for behaviours of what attackers generally perform but in a safe environment. By using this, you can create detections to detect similar activities in the future and hopefully catch evil. Hope that helps!
❤ Got my splunk and windows victim setup :D So excited to run this. Thank you MYDFIR. I only heard of atomic red team but now I know how I can learn from it.
I've been loving your channel! Can you help me understand the differences between a SOC, MSSR, and CSIRT? I'm attending GIAC SEC504 starting next month, and am trying to align my goals for what to look for in my first jobs. I'm transitioning into cybersecurity from software development. Thanks!
Great question, by MSSR, do you mean MSSP? A SOC is a within a company that is responsible for monitoring, detecting & responding to threats. A SOC can be in house or outsourced to another company such as an MSSP and has various roles within it. MSSP are service providers that typically handle, in this case, security services for organizations who do not have the capacity to do so. CSIRT - This is the incident response team. They do not comprise of only technical folks that handle security incidents but also people such as Legal, HR, Comms, C-Suite execs. Essentially those that need to be in the know and ready to help the organization recover from the incident. Hope that helps! Let me know if you need more info
That helps! Yes I meant MSSP as well. Thanks!! My company will pay for two SANS courses. I'm thinking either SEC504 + FOR508 or FOR500 + FOR508. What are your thoughts?@@MyDFIR
❤❤❤❤ I'm really learning a lot of good stuff from your videos
Awesome! Thank you!
Really enjoy the videos, just glad its coming from someone who has actually worked in a soc and can give good advice ❤️
I appreciate that!
Hey, you create really valuable and informative content for cybersecurity aspirants like me. We are very fortunate to have you! You are cool!
1) At 07:32 you said that you would leave the powershell command down in the description but I couldn't find it.
2) I am unable to understand the purpose of Atomic Red Team. What's its purpose in this video and what exactly are we trying to achieve by using it?
Thanks in advance!
Thanks! The command should be there now - As for the purpose of ART, you use it to generate telemetry for behaviours of what attackers generally perform but in a safe environment. By using this, you can create detections to detect similar activities in the future and hopefully catch evil. Hope that helps!
@@MyDFIR Thank you so much for the super quick response! That did clarify things for me.
You’re Awesome bro!
This is exactly why I love your channel, once again, this is gold for someone without experience and trying to get in the amazing world of cybersec. ♥
Thank you for watching! I love creating content for you and makes it even better if you find it useful. ❤
❤ Great timing on this video as I am studying CySa+
Good luck!!
I enjoyed this lesson, thank you for the good explanation. ❤
You're very welcome!
Very helpful channel ❤
Glad to hear that!
❤ Keep up the great job ❤
Thank you🙌
you deserve the best thanks
Thank you ❤️
❤ Got my splunk and windows victim setup :D So excited to run this. Thank you MYDFIR. I only heard of atomic red team but now I know how I can learn from it.
Sweet! Time to play around and remember to take your snapshots before breaking things 😂
❤ Thanks for your videos
You are so welcome!
♥ Very informative! Thank you MyDFIR
Glad you liked it!
Amazing content great delivery and awesome execution , Keep it coming
Thank you!❤️
❤ Although I'm late, your contents are always gold. thank you for providing us quality content
Glad you like them! Thank you for watching ❤️
❤ I stumbled on your channel and so glad I did. Thanks for the quality videos and info.
You are so welcome! Thank you for watching ♥
❤ again... different videos ... excellent videos... different approach to people... keep it like that.. 👌👌👌
Thank you so much 😀
❤️
I've been loving your channel! Can you help me understand the differences between a SOC, MSSR, and CSIRT? I'm attending GIAC SEC504 starting next month, and am trying to align my goals for what to look for in my first jobs. I'm transitioning into cybersecurity from software development. Thanks!
Great question, by MSSR, do you mean MSSP?
A SOC is a within a company that is responsible for monitoring, detecting & responding to threats. A SOC can be in house or outsourced to another company such as an MSSP and has various roles within it.
MSSP are service providers that typically handle, in this case, security services for organizations who do not have the capacity to do so.
CSIRT - This is the incident response team. They do not comprise of only technical folks that handle security incidents but also people such as Legal, HR, Comms, C-Suite execs. Essentially those that need to be in the know and ready to help the organization recover from the incident.
Hope that helps! Let me know if you need more info
That helps! Yes I meant MSSP as well. Thanks!!
My company will pay for two SANS courses. I'm thinking either SEC504 + FOR508 or FOR500 + FOR508. What are your thoughts?@@MyDFIR
You are amazing 😍
Thank you so much 😀
Clear and Concise 👍🏻
Thanks❤️
❤❤❤❤
❤ very informative thank you so much for sharing
Glad it was helpful!
nice content as always.
Thanks!
♥
💘 As usual!
❤ thanks for sharing!
Thanks for watching!
❤always on point love it
Thanks for watching! ❤️
❤
When will be your course release?
Late May or early June is my goal
@@MyDFIR Thanks goat 🐐
Bonus install Splunk Security Essential and map Mitre Framework
Absolutely! Include sysmon data as well and you’ll have a nicely mapped TTPs of events(still need to vet some of them but pretty cool nonetheless)
🤎
Hey! You're the winner of the giveaway! You get 1 free TryHackMe voucher for 1 month. Please reply for further instructions. (You have until July 2nd)
❤
❤❤❤❤
❤❤
❤
❤
❤
❤
❤
❤
❤
❤
❤
❤
❤
❤❤
❤❤
Thanks for watching!
❤
Thanks!
❤