Shout out to John Hammond for this video. I found this channel several years ago when I just got into hacking and it was one of the primary drivers for me becoming interested in security. Now I'm a SOC Analyst and John says he appreciates what I do. I appreciate what YOU do man. 👍
Thanks for shining more light on the blue team. Can't wait to see more content about blue teams.
Make no mistake, I like the offensive side; it's fun to play around like Mr. Robot. I have OSCP and OSCE myself, but Blue Team is where the job security and money are. I'm glad I went into DFIR instead of pentesting.
@PurpleTeamer 😢
Finally, I've been waiting for a video like this from you for a while now. Hope you do more defense-related content :D
Great video as always, just a small note on 07:16 for anyone not aware of it: Microsoft will turn on Tamper Protection for all Defender for Endpoint clients in 2 days.
blue team is certainly sexy when you end up saving everyone's skin lol
Yeah, getting the opportunity to be a hero for an organization. The red team gets to be the "bearer of bad news". If you are doing your job well, you will be telling the management staff that you discovered something that will bring many headaches, stress, etc.
However, being the person who brings to their attention that a company is vulnerable to an exploit must be satisfying in some ways, like it fulfills that "trickster" desire inside everyone. The power of knowing something no one else does if you discover a zero-day.
@_ruddegarno, it's not, because nobody will fix it.
Thank you for sharing such helpful content. We really need more information about the Blue Team.
YES. More blue team content! Let's GO!
I love my work as a SOC Analyst, fully satisfied with my work ❤
How about using Elastic with sigma-cli? Since it seems to be the default that is used with Kali Purple, it seems like a logical fit to me.
John, you are the coolest man I've ever seen, and I'm giving you a big thank you for letting Windows users know about Sigma blue team defenders.
Thanks for sharing John. Love the content. Keep it coming
I just had an advertisement from John Hammond on this video and was a bit confused that I could skip the midroll after a few seconds, just to realize it wasn't a midroll.
John's videos are always helpful ❤
I have over one year of experience as a SOC analyst but still feel like I cannot do anything. I don't know whether it is the environment I am in, or whether being a SOC analyst is not the right career for me. Please show me the best way forward. Please, please, I beg.
any advice for Canadians? any help will be appreciated 💖
Uh, maybe I'm too nooby, but why is the website of Sigma, a company dedicated to threat detection/sharing, marked "Not Secure" in the top left of the browser, like their certificate isn't right or it couldn't secure a TLS connection? Right?
THIS GUY
The download of Aurora Lite triggered the AV check in Vivaldi and the file was instantly quarantined. Is it trustworthy?
Hi John, these videos are great, I appreciate that. I saw some of your videos where you analyze malware and there is some obfuscation used by the threat actors. I am wondering if there is a way Windows or any operating system can stop the malicious obfuscated code from running, or maybe ask the user whether to run the obfuscated code?
Would love to see some non-Windows applications like this.
Snort, ClamAV, ELK, pfSense, Loki, Thor, Xcitium are good things to play with and learn on penguin OS.
That's a great video! Could you make a similar video for red team? I'm struggling with finding any decent resources for learning about new techniques.
Awesome video as always! Lol, where can we score that awesome Huntress PacMan shirt?! That thing is too cool.
Very useful video!! Thank you John!
These are great resources. Thanks for sharing
Aurora Lite and Aurora look just like Loki and Valhalla from Florian Roth (YARA rules). Is Aurora inspired by him? :)
Same company.
solid good sir, much thanks to you
Blue Team is like 95% of the industry and Red team 5% of the industry but everybody wants to wear a black hoodie these days. (shrugs)
I blame the Media
This cringe is real with the black hoodies
Black hoodies....You guys get hoodies? 😤
Agree. I'm learning red team first just for fun, and then I will go for blue team for my entire life. Next 5 or 6 years later I will find an excellent job with 100, 200 th salaries.
@alirezasnow3618 There is a natural progression, but don't be afraid to look for shortcuts. There are exceptions to every rule.
Hey John, I want you to take a look at yai day2
Hi John, you always make interesting videos 😊😊😊
Thanks for sharing such great resources.
Fabulous 😊
Finally ♥️
I see an ad for you in your video. Is it a coincidence? 🤣
Carbon Black is not a SIEM lol. Great video though!
Well, I did my master's in cybersecurity and completed 1 year of placement as a cyber security analyst, but now I don't have a job 😢
Why? What happened?
I'm just here for the SHIRTS
Thank you!
And you better never quit YouTube.
Why doesn't Microsoft just embed this directly into Windows?
blue team forever
I was here!
w0w, first viewer
first
red team bug bounty