Hacking Matters
First month in identity management
Let's walk through critical steps like federating identities, securing access with multi-factor authentication, and consolidating access for a streamlined, zero-trust system.
Identity is the key parameter in modern security.
LinkedIn: www.linkedin.com/in/karsten-nohl/
Subscribe to Hacking Matters for more insights: t.ly/pHLqG
----------------------------------
Timestamps:
0:37 Identity management becomes important
1:17 Steps in the identity management journey
1:31 Federating identities
3:35 Securing access
5:20 Consolidation
6:43 Refining access rights
7:42 Reviewing access rights (Regularly)
----------------------------------
#cybersecurity #hacking #identitymanagement #cybereducation
Views: 700

Videos

How to develop a Hacking Mindset
1.6K views · 1 day ago
Becoming a skilled hacker is more than just technical knowledge; it’s a mindset. If you’re curious about how things work and want to understand how to influence them, you’re already on the right path. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 0:50 What's the hacking mindset 01:19 Ability to program 02:10 Community & Target 03:15 Understanding ...
Cyber defence funnel
2.5K views · 14 days ago
Cyber security is a journey, not a project. We need to set our expectations accordingly. Renowned hacker and experienced CISO Karsten Nohl outlines what level of security is realistic and practical to achieve: Keeping "99%" of hacking groups out. LinkedIn: www.linkedin.com/in/karsten-nohl/ Subscribe to Hacking Matters for more insights: t.ly/pHLqG Timestamps: 0:36 Setting achievable goals at cy...
How to create effective Risk Acceptances
2.1K views · 21 days ago
Risk acceptances are essential for balancing innovation and security. This video explores how to enable experimentation, focus on provable risks, and secure your baseline. Discover best practices, including creating a risk-friendly environment and using structured risk acceptance forms to make informed decisions. Achieve growth while maintaining security in balance. Subscribe to Hacking Matters...
Security vs Innovation
2.8K views · 1 month ago
In this video, we dive into the delicate balance between security and innovation, exploring how these two forces often conflict but are both essential in today’s tech landscape. We’ll discuss why cutting-edge advancements can sometimes create vulnerabilities, and how security measures can slow down innovation. Learn strategies for achieving a balance that drives growth without compromising safe...
Effective Cyber Certifications
2.6K views · 1 month ago
In this video, we break down the critical role of certifications in the cybersecurity industry and why they matter - but that’s not all. While certifications like CISSP and OSCP are important, we also explore why hands-on experience remains unmatched. Learn how the right mix of formal credentials and practical know-how can set you apart in a competitive field. Subscribe to Hacking Matters chann...
Post intrusion
3.2K views · 1 month ago
We arrive at the final stage of a hacking incident: the response. Learn how to prioritize your defense against criminal hackers, manage ransomware attacks, and handle crisis communication with your stakeholders. Discover tips on negotiating with hackers, limiting the damage of a data breach, and involving cyber insurance experts in your defense. Subscribe to Hacking Matters channel: t.ly/pHLqG ...
Lateral movement
2K views · 1 month ago
We arrive at the lateral movement phase of a hacking journey. Learn how hackers extend their access across corporate networks and how defenders can leverage detection and defense tools to prevent further intrusion. 2022 research on EDR: ua-cam.com/video/CKfjLnEMfvI/v-deo.htmlsi=ZP7n6FqHC_34HoJJ Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: de.linkedin.com/in/karsten-nohl 0:44 Later...
Initial intrusion
3K views · 1 month ago
Now, we dig deeper into the simplified hacking kill chain. Today's topic: initial intrusion. From overlooked patches on VPNs and firewalls to internal protocols unnecessarily exposed to the Internet, we cover it all. Learn why hackers focus on scalable attacks, the importance of regular vulnerability scanning, and best practices for patch management. Subscribe to Hacking Matters channel: t.ly/p...
Simplified Hacking Kill Chain
2.3K views · 2 months ago
Ever wondered how cybercriminals infiltrate organizations? It’s not like the movies. In this video, we break down the Hacking Kill Chain - a step-by-step guide to how hackers work their way into systems: 1️⃣ Initial Intrusion - The first breach 2️⃣ Lateral Movement - Spreading through the network 3️⃣ Mission Accomplished - Achieving their hacking goals ⏱ Early detection is critical to stopping ...
Building Security Teams
3.1K views · 2 months ago
Discover the security teams inside an organisation: Security Advisory, Security Operations, Security Assurance and Security Compliance. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 00:50 Teams of a security organisation 01:21 Security Advisory 2:11 Security Operations 2:45 Security Assurance 3:20 Security Compliance 4:50 Security Team example #cybe...
Zero Trust
2.3K views · 2 months ago
Explore the fundamentals of Zero Trust in cybersecurity. Learn how to disentangle authentication and decentralize authorization for enhanced security. Dive into actionable steps for implementation and pave the way for a more resilient digital infrastructure. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 00:40 Definition of Zero Trust 1:06 To do's of...
Cyber Insurance
2.5K views · 2 months ago
Cyber insurance is more than just financial coverage. Learn how it serves as your strategic partner in cybersecurity incidents, helping you navigate threats effectively. Choose wisely by selecting an actively managed provider to stay ahead in the cyber defence game. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 0:00 - Intro 0:41 - Cyber insurance...
The role of the CISO
4.4K views · 3 months ago
Explore the pivotal role of the Chief Information Security Officer (CISO) in navigating the delicate balance between security and innovation. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ 0:00 - Intro 0:33 - The role of the CISO explained 3:57 - 3 pillars of moderated risk process 7:52 - Recommendations #cybersecurity #ciso #innovation #riskmanagement
Getting security operations underway - Hacking Matters
5K views · 3 months ago
Look at the crucial aspects of implementing threat monitoring and learn about common mistakes to avoid. There are three fundamental guidelines to follow for effective threat monitoring. Subscribe to Hacking Matters channel: t.ly/pHLqG LinkedIn: www.linkedin.com/in/karsten-nohl/ Timestamps: 1:13 Threat monitoring 1:25 Common mistakes 1:50 When implementing Threat Monitoring 4:16 Criteria for cho...
Must have security tools - Hacking Matters
5K views · 3 months ago
Network segregation done right - Hacking Matters
2.6K views · 4 months ago
Vulnerability management done right - Hacking Matters
7K views · 4 months ago
Patching done right - Hacking Matters
4.5K views · 4 months ago
5 baseline security processes - Hacking Matters
2.9K views · 4 months ago
Hacking Matters
15K views · 5 months ago

COMMENTS

  • @KiranPutri-yc4rr, 1 month ago

    Juni

  • @rathnamduggirala, 1 month ago

    BG Music is irritating

  • @Bearymuchi, 1 month ago

    Hi, great video! You mentioned that you'll link to more videos on honeypots and zero trust. Could you add those? Thank you!

  • @Rennworth6969, 1 month ago

    Good Information, appreciate your insight into the role of a CISO! God Bless!

  • @lingua19999, 1 month ago

    Interesting. Thanks for explaining this topic.

  • @SpurGetreide54, 2 months ago

    nice, didn't even know cis benchmarks existed

    • @Karsten_Nohl, 2 months ago

      CIS is a wealth of information! Just keep in mind that you'll never be compliant with all their recomms ... It's more a collection of suggestions :)

  • @honor9lite1337, 2 months ago

    😮

  • @mrxzadeh5440, 2 months ago

    That's so good. I have a question about AI. Can AI replace cybersecurity?

    • @hackingmatters, 2 months ago

      Thanks for the nice feedback! For the moment, AI tools complement cyber. They act as co-pilots for both hackers and defenders. The potential for defenders is probably larger, but only time will tell :)

  • @rodrigoantao, 3 months ago

    Great content. Greetings from Brazil 🫶

    • @Karsten_Nohl, 2 months ago

      Thank you, Rodrigo! Means a lot coming from you. Let's catch up :)

  • @_.-._.-._.-_.-._.-._.-_.-._.-, 3 months ago

    ________---🎉❤---________

  • @honor9lite1337, 3 months ago

    Network segregation 😮😮😮

  • @mohsinmajeed3288, 4 months ago

    Hey I saw your post on Upwork Platform, I wasn't able to text there. I am texting you here. I am interested in work please let me know if you want to work. I can provide you my previous work as well. Please let me know. Thanks.

  • @Dredogg820, 4 months ago

    I have a hacker right now

  • @borisawdejew2556, 4 months ago

    Let's try to start a discussion. Karsten, you choose four points from Prevention and then take one topic from Recovery, jumping over Detection and Reaction. Let's say we're talking about cycling safety. And you say: to minimise the risk of cycling you need a good helmet, good brakes, good tyres that don't slip in the rain and good health insurance to put your teeth in after a bad fall. This is how "patching" and "recovery" sound to me in one context.

    • @Karsten_Nohl, 4 months ago

      Well said, Boris! The main point is: Don't upgrade your brakes as long as you have no helmet. Always focus on the weakest capability first :)

    • @borisawdejew2556, 4 months ago

      @Karsten_Nohl good idea, got it :) But my point was: we should not mention BCM as one part of Cyber Security. BCM is actually as big and as challenging as entire Infosec and it's a separate job with dedicated ISO 22301 norm etc. If CISOs had a union, it would have to fight for a number of things: no, we won't be reporting to CIO and no, we won't consider BCM as one of the things on our agenda...

    • @Karsten_Nohl, 4 months ago

      @borisawdejew2556 Agreed! Security is a team sport; the CISO is the Libero, but others need to play, too, in order to win (most of the time).

  • @borisawdejew2556, 4 months ago

    Thanks for new video, Karsten! Keep going :-)

    • @Karsten_Nohl, 4 months ago

      Thank you, Boris! This means a lot to me!~

  • @suvabratasinha1157, 4 months ago

    Could not have framed it better myself. Thanks.

    • @Karsten_Nohl, 4 months ago

      Thank you very much, Suva!~ Glad we got a chance to work on this together :)

  • @matts7327, 4 months ago

    I think the core takeaway is schedule time to do patching, not just doing them as needed.

    • @Karsten_Nohl, 4 months ago

      Well summarized, Matt! Patching becomes overwhelming unless you plan for it.

  • @maria_cybersec_writer, 4 months ago

    Do we need a workout on golden images? 🤔

    • @Karsten_Nohl, 4 months ago

      Absolutely! A golden image is like giving vaccines to babies. Protects from many threats for many years.

  • @maria_cybersec_writer, 4 months ago

    Thought-provoking ideas! Thanks for sharing.

  • @sankalpsingha, 5 months ago

    Lovely video! The person who took the video seems pretty skilled 😉

    • @Karsten_Nohl, 4 months ago

      Very nice work, Bhai Sankalp! 🙏