7MS #535: Rage Against the Remediation - a podcast by Brian Johnson
from 2022-08-27T22:05:41
Today's episode covers three remediation-focused topics that kind of grind my gears and/or get me frustrated with myself. I'm curious for your thoughts on these, so reach out via Slack or Twitter and maybe we'll do a future live stream on this topic.
-
How do you get clients to actually care when we explain the threats on their network that are a literal 10/10 on the CVSS scale?
-
Password policies - they're not just as easy as "Have a password of X length with Y complexity."
-
Fixing the various broadcast traffic and protocol issues that give us easy wins with Responder and mitm6 - it's more nuanced than just "Disable LLMNR/NETBIOS/MDNS and shut off IPv6." This article discusses these challenges in more detail.
Further episodes of 7 Minute Security
Further podcasts by Brian Johnson
Website of Brian Johnson