Teri Radichel is a professional cybersecurity speaker, trainer, and author. The following are links to some of her past presentations, articles, blog posts, books, and security classes. For more information please follow Teri on Twitter @teriradichel, contact her on LinkedIn, or visit the 2nd Sight Lab website to see services she offers such as cloud security training, cloud penetration testing and cloud security assessments.
Learn about cybersecurity fundamentals such as networking, identity and credentials, encryption, vendor assessments, supply chain security, security automation, DevOps and more. Written at the executive level…
This is the next in a series of blog posts about inspecting network traffic and creating firewall rules to limit your risk. The series started here:
The last post covered logs you need to spot C2 traffic:
This is a quick post to help you decipher certain IP Registry records and potentially reduce the number of rules you have to add to your firewall ruleset.
As I look up IP addresses, I often find creative (shall we say) entries for CIDR block ranges. …
Below you’ll find all of last week’s top cyber news from sources we follow.
2nd Sight Lab comments are highlighted in gray.
The week started off with an article about a topic that’s come up a lot in consulting calls: Container Runtime Security. When vendors try to sell you the latest and greatest in security, make sure you understand how to correctly analyze the solution. Some security products introduce new risks while providing additional security. …
If you still think you only need identity to secure your environment and no network security controls, you probably haven't studied many cyber attacks. Please start with this series of blog posts on the Solar Winds Hack. Understanding C2 servers is one of the most important concepts you need to know in cybersecurity.
In my last few posts, I explained some concepts that might help you monitor network traffic, starting with this basic explanation.
Then I explained that there is one simple rule that can block a lot of network traffic. If you followed the instructions closely you will notice…
In my last post I explained that there’s a single firewall rule that can identify a whole lot of useless noise on your network.
Now, I’m going to suggest a controversial idea in the world of cybersecurity where professionals want every single log — not logging a particular subset of network traffic. Before you start to shame me into oblivion (I know who you are…the same people that flipped out on me when I said maybe cloud could have some security benefits) read my next post also linked at the bottom.
This suggestion is not for production workloads hosting sensitive…
Several companies have asked me about container runtime security solutions in my consulting calls (scheduled through IANS Research). Be aware that these solutions interact at a very low level with calls headed for your system kernel. I’m not going to get into the details too much here, but software can operate at different levels within a system — user space or kernel space. The container runtime solutions are a brilliant solution because you don’t have to depend on the security controls within a container or sidecars alone, but they also come with some inherent risks.
Given the number of supply…
Below you’ll find all of last week’s top cybersecurity news from sources we follow. See last week’s news feed for the type of stories we publish in this blog.
2nd Sight Lab comments are highlighted in gray.
This week, 2nd Sight Lab was pretty busy with penetration tests and arranging classes. We’re also onboarding an intern to help test new class labs. Busy led to only one blog post this week. Hope you are enjoying your holiday in the US. …
I explained in the last post how to inspect your network traffic logs.
There’s one simple rule you can add to your network firewall to block a whole bunch of rogue traffic all at once. When you create this rule you can set it to automatically drop the packets and provide no response to the offending party sending you the noisy traffic. This may help your firewall performance. It may degrade their network while they sit there waiting for a response that never comes. It depends on how their software handles the packets.
This may not work in a very…
Below you’ll find all of last week’s cyber news from many sources we follow. We post news and research from third-party sources.
2nd Sight Lab comments and analysis are highlighted in gray.
Governance Foundations in the Cloud
2nd Sight Lab continues to revise and improve our cloud security class. We wrote about some of the foundational information that has always been in our class but we are currently expanding to go into more detail.
How to Inspect Network Traffic
Finally get to a blog…
In my cloud security class, I teach students how network architecture can make a difference when trying to spot malicious traffic on your network. The same applies to your home network. You need to weed out the noise to drill down to what your systems are doing and what could be a true threat. You may also just be curious what traffic your systems are sending to vendors and why.
One of the problems people will have on a home network is that it’s difficult to inspect traffic on a WiFi network using most consumer-grade products. They may not provide…