Water Plant Breach: Security Best Practice Feature

In this podcast, Heather chats with Vulnerability Management Specialist Roxy and SOC Analyst Dusty about the security best practices concerns at play in the recent water plant breach.

Related articles: 

• Florida Water Plant Hack: Leaked Credentials Found in Breach Database
• Breached water plant employees used the same TeamViewer password and no firewall

• Hacker breaks into Florida water treatment facility, changes chemical levels

Click here for our podcast transcript.

An Inside Look at the Collegiate Penetration Testing Competition

Curious about the Collegiate Penetration Testing Competition (CPTC)? In this podcast, Heather welcomes Tom Kopchak, Josh Neubecker, and Meredith Kasper to chat about their experiences working to bring the competition to life.

Learn more about CPTC from Tom's blog posts and by visiting the CPTC website and Twitter profile: 

• CPTC Review Part 1: The Setup, Part 2: The Ethics, Part 3: The Process, and Part 4: The Data blog series by Tom Kopchak
• How to Use the 2019 CPTC Security Dataset in Splunk tutorial by Tom Kopchak
• Explore the GlobalCPTC website
• Find @nationalcptc on Twitter

Click here for a podcast transcript.

Creating a Vulnerability Management Policy

In this podcast, Heather chats with Roxy, our Vulnerability Management Specialist, and Bill Mathews, our Chief Technical Officer and owner of Hurricane Labs, about preparing vulnerability management policies.

Be sure you check out some of the related resources mentioned during this episode: 

• How to Write a Vulnerability Management Policy by Roxy
• NIST
• PCI
• SOC

Click here for a transcript of our chat. 

FireEye & SolarWinds Follow-Up with Senior SOC Analyst Tony Robinson

In this podcast, Heather welcomes Senior SOC Analyst Tony Robinson back for a follow-up discussion about the FireEye and SolarWinds breaches. 

Related resources: 

FireEye and SolarWinds Breaches Q&A with Senior SOC Analyst Tony Robinson

In this podcast, Heather welcomes Senior SOC Analyst Tony Robinson to talk about the FireEye and SolarWinds breaches in a Q&A. 

Be sure you check out some of the related resources mentioned during this episode: 

Improving Security Defenses with MITRE ATT&CK: Part 2

In part 2 of this podcast series, Heather Terry welcomes members of the Hurricane Labs SOC team, Brian Karrigan, Kurt Wolfe, and Meredith Kasper, to continue the discussion about the MITRE ATT&CK framework. This episode provides a few more details about what setting up the framework is like and what our team is excited about with MITRE as we move forward. 

Also, make sure you check out some of the related resources mentioned during this episode:

• MITRE ATT&CK Framework Q&A: What Red and Blue Teamers Should Know blog post by Meredith Kasper, Pentester, Hurricane Labs
• MITRE ATT&CK: Finding the Right Frame(work) for Your Map blog post by Brian Karrigan, SOC Analyst Tier II / Implementation, Hurricane Labs
• Man and Machine: A Look at Neurotechnology blog post by Jeremy Nenadal, Splunk Admin II, Hurricane Labs
• A Day in the Life of a SOC Architect blog post by John Blainer, SOC Analyst II, Hurricane Labs
• Hurricane Labs Careers – We are currently hiring for SOC and Splunk Development positions. Apply today! 

Click here for a transcript of our chat.

Improving Security Defenses with MITRE ATT&CK: Part 1

On today's show, Heather Terry welcomes Bill Mathews, Hurricane Labs' Owner and CTO, and Josh Silvestro, Hurricane Labs' SOC Tier II Team Lead, to discuss the MITRE ATT&CK framework. This conversation provides insight into what the framework is and its value to security teams. 

Also, make sure you check out some of the related resources mentioned during this episode: 

• MITRE ATT&CK Framework Q&A: What Red and Blue Teamers Should Know blog post by Meredith Kasper, Pentester, Hurricane Labs
• MITRE ATT&CK: Finding the Right Frame(work) for Your Map blog post by Brian Karrigan, SOC Analyst Tier II / Implementation, Hurricane Labs

Click here for a transcript of our conversation.

Straight from the SOC: Team Interview with Heather Terry and Hurricane Labs

On today’s show, Heather Terry welcomes three members of the Hurricane Labs' SOC (security operations center) team to share a bit about their career journeys, to answer some of the infosec questions we’ve been asked via social media, and to talk about how they deal with burnout. 

Also, make sure to check out some of the resources mentioned during this episode: 

• Building Virtual Machine Labs: A Hands-On Guide book by Tony Robinson, Senior Security Operations Analyst, Hurricane Labs
• 5 Insider Tips for Preventing Burnout in Cybersecurity blog post by Meredith Kasper, Pentester, Hurricane Labs
• MITRE ATT&CK Framework Q&A: What Red and Blue Teamers Should Know blog post by Meredith Kasper, Pentester, Hurricane Labs
• MITRE ATT&CK: Finding the Right Frame(work) for Your Map blog post by Brian Karrigan, SOC Analyst Tier II / Implementation, Hurricane Labs

Click here for a transcript of the discussion.

The Women in Tech-quila Episode: Raising a Toast to Women in STEM

Reflections on the Technical Communication Summit 2020

In this podcast, Hurricane Labs Technical Writer Heather Terry talks about her experience at the Technical Communication Summit of 2020. 

Read the episode here.