7MS #535: Rage Against the Remediation - a podcast by Brian Johnson

Today's episode covers three remediation-focused topics that kind of grind my gears and/or get me frustrated with myself. I'm curious for your thoughts on these, so reach out via Slack or Twitter and maybe we'll do a future live stream on this topic.

1. How do you get clients to actually care when we explain the threats on their network that are a literal 10/10 on the CVSS scale?

2. Password policies - they're not just as easy as "Have a password of X length with Y complexity."

3. Fixing the various broadcast traffic and protocol issues that give us easy wins with Responder and mitm6 - it's more nuanced than just "Disable LLMNR/NETBIOS/MDNS and shut off IPv6." This article discusses these challenges in more detail.

Further episodes of 7 Minute Security

Further podcasts by Brian Johnson

Website of Brian Johnson