What are You Working on Wednesday
from shellsharks@infosec.pub to cybersecurity@infosec.pub on 13 Mar 2024 14:25

Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.


threaded - newest

scytale@lemm.ee on 13 Mar 2024 15:14 next collapse

ISO 27002 audit season baby!

PaddleMaster@beehaw.org on 14 Mar 2024 02:00 collapse

Sounds thrilling!!

I’ll be on vacation for our audit next week. I’m thrilled to miss it.

cron@feddit.de on 13 Mar 2024 17:52 next collapse

Did a website pentest - something I did not do for a while. Was very fun and we also had some interesting findings :)

PaddleMaster@beehaw.org on 14 Mar 2024 02:01 next collapse

Sounds like a fun assignment! Glad you got some interesting results!

shellsharks@infosec.pub on 14 Mar 2024 04:12 collapse

What are you normally up to?

cron@feddit.de on 14 Mar 2024 07:55 collapse

Security operating

slazer2au@lemmy.world on 13 Mar 2024 23:37 collapse

Working on an Ansible playbook to configure our security baseline over all the network devices we manage.

redfox@infosec.pub on 14 Mar 2024 10:54 collapse

Can you share any of the baseline that’s not specific to your org/sensitive? What sources are you using as a reference?

slazer2au@lemmy.world on 14 Mar 2024 14:19 collapse

I am using the Cisco hardening guide with some tweeks.


Covers things like only allowing sshv2, enable logging of commands to syslog, disabling the switch web servers.

redfox@infosec.pub on 14 Mar 2024 17:39 collapse

Nice. You guys allowing the playbooks to configure or just audit?

slazer2au@lemmy.world on 14 Mar 2024 18:12 collapse

we use the playbooks to configure, the trick is to do it in an idempotent way so when something is changed it doesn’t kick off alarm bells.

SNMPv3 is my current bane as snmpv3 accounts are not stored in running config so snmp always says something is changed.