Download the App!
show episodes
 
Get involved in the exciting world of Digital Forensics and Incident Response with: Traffic Light Protocol. The Digital Forensics Podcast. In each episode, we sit down with seasoned DFIR professionals, the blueteamers who work around the clock to investigate cyber intrusions. From data breaches to cyberattacks, they share firsthand accounts of some of the most intense investigations they've ever tackled, how they deal with burnout and the added pressure of cat and mouse while they learn abou ...
  continue reading
 
Loading …
show series
 
Send us a text Key Takeaways: Introduction to Hayabusa: Hayabusa is an open-source Windows Event Log Analysis Tool used for processing EVTX logs to detect suspicious activities in Windows environments. Critical Alerts Detection: The tool is capable of detecting a variety of suspicious activities, including WannaCry ransomware and unauthorized Activ…
  continue reading
 
Send us a text In this episode of Traffic Light Protocol, Clint Marsden is joined by Jonathan Thompson, a developer and AI enthusiast currently studying at Macquarie University. Together, they dive into how artificial intelligence (AI) is transforming the cybersecurity landscape and discuss Jon’s insights into AI’s potential applications in digital…
  continue reading
 
Send us a text Episode 13 is another giant episode with a focus on what its like be in the mud working on real life forensic investigations. Jacob and Clint talk about ELK EDR, using Sysmon. Sandbox Environments: Jacob discusses the creation of a sandbox environment using an ELK stack combined with Sysmon, enabling in-depth malware analysis by capt…
  continue reading
 
Send us a text Quotes: “In the fast-paced world of DFIR, you are a mission critical system. Your job isn’t just to uncover what happened during an incident, but to do so in a way that gets results fast.” “Specialists bring expertise that pushes the entire industry forward, while generalists offer versatility and adaptability in the ever-changing la…
  continue reading
 
Send us a text In this episode of Traffic Light Protocol, we sit down with Myles, a cybersecurity veteran with over 15 years of Cyber experience and background as a Combat Engineer in the Army. Myles brings his unique perspective on integrating automation and cloud technologies into cybersecurity infrastructure deployment (Used specifically when de…
  continue reading
 
Send us a text Quotes: "Phishing targets the human element, the 'wetware,' often the weakest link in any security chain." - Clint Marsden "Phishing isn't just about poorly spelled emails anymore; it's about sophisticated campaigns that even cyber-aware individuals can fall victim to." - Clint Marsden "Effective defense against phishing involves not…
  continue reading
 
Send us a text Episode Title: "Unmasking APT40: Tactics, Challenges, and Defense Strategies" Key Takeaways: APT40 is a sophisticated Chinese state-sponsored cyber espionage group active since 2009. They target various sectors including academia, aerospace, defense, healthcare, and maritime industries. APT40 uses advanced tactics such as spear phish…
  continue reading
 
Send us a text In this episode, Clint Marsden goes straight into 4 practical strategies that enable better forensics and stop data exfiltration, no matter the size of your budget. Clint covers deploying Sysmon for enhanced monitoring, and using Group Policy to tighten print and USB security. Event log cleared: Event ID 1102 ACSC Sysmon: https://git…
  continue reading
 
Send us a text In todays episode of TLP - Traffic Light Protocol, Clint Marsden talks about Defending Against Scattered Spider: Understanding Their Tactics, Techniques, and Procedures. Key Takeaways Understanding Scattered Spider: Scattered Spider, also known as Roasted Octopus or Octo Tempest, utilizes various legitimate tools for malicious purpos…
  continue reading
 
Send us a text In this episode, we speak with Phil Ngo, a Primary Investigator in Accenture's global cyber response team. As a primary investigator, he is responsible for helping clients recover from major incidents as well as delivering proactive cyber services, such as threat hunting and tabletop exercises. Philip started his career as a high sch…
  continue reading
 
Send us a text This is the biggest episode from a content perspective so far. I'm excited to share it with you. Episode Highlights: How to run post-incident debriefs and post-mortems. Involving external teams Using lessons learned to form actionable insights. Key questions to address in incident analysis. Effective report writing strategies, includ…
  continue reading
 
Send us a text Show Notes: Episode on Containment, Eradication, and Recovery In this episode of Traffic Light Protocol, Clint Marsden explores the containment, eradication, and recovery phases of the NIST SP 800-61 framework for computer security incident handling. Key Topics Covered: Containment Strategies: Choosing appropriate containment methods…
  continue reading
 
Send us a text In this conclusion of the Detection phase, Clint wraps up Incident Prioritisation. This includes Functional impacts of the incident, information impact of the incident and the recoverability of the incident. Not all of these are needed, or relevant when tracking your incident and Clint explains when to categorise incidents using thes…
  continue reading
 
Send us a text In this 45 minute episode Clint covers a lot of ground based on the Detection phase of NIST 800-61. Attack vectors for digital security incidents, including insider threats and weaponized USBs. Cybersecurity incident response and detection, including NIST guidelines and Sysmon logging augmentation The importance of following temporal…
  continue reading
 
Send us a text In this Episode Clint Marsden talks about the first phase of Computer Security Incident Handling according to NIST. Listen to real world examples of how to get prepared before a Cyber Security Incident arrives. Show notes: Link to NIST SP 800-61 PDF https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf Bro has be…
  continue reading
 
Send us a text In this first episode we kick off with Clint Marsden, the host of Traffic Light Protocol (TLP) where he talks about what its like to work in DFIR, how to get started with Cyber training, what to expect in future episodes, and of course a light touch on AI Forensics! Join us for the first episode. The next episodes coming up talk abou…
  continue reading
 
A bit different podcast this time: We're sharing the audio from a panel discussion on self-driving cars at TRAN/SUM, Transportation and Mobility Technology Summit hosted by NIKKEI and the Japanese Government. Panel title: SELF-DRIVING TECHNOLOGIES: STEERING TOWARDS FULL AUTOMATION This panel explored the current capabilities of (semi)autonomous car…
  continue reading
 
This time, it's all about music. We're presenting a mix created by DJ Yonekura for last week's NEUTRAL [Arts ・ Bikes ・ Music] event held in Tokyo. NEUTRAL WEBSITE: https://neutral-moto.com/ Direct link to the mix: https://soundcloud.com/user-592219394/neutral Moto Japan Website: https://motojapan.me/ Follow us on Instagram: https://www.instagram.co…
  continue reading
 
Loading …

Pikakäyttöopas