SOC Level 1 Security Analyst Pyramid of Pain TryHackMe

  • Published 28 Dec 2024

Comments • 42

  • @joker0x0
    @joker0x0 1 year ago +10

    Yes! Please keep this series going! I've started THM and I would love to have an actual insight into how what I'm learning corresponds with the real world, and having someone who works in it explaining and adding notes is just amazing and exactly the motivation I need to actually feel that what I'm reading and learning is meaningful!
    Again, thank you so much for these videos and insights on connecting the real world to the available online learning materials! Please keep this up!
    I really can't wait to be able to start supporting your channel with more than just liking, commenting and sharing!
    I'm planning on making a personal website (since that is required today😂), but my main use of it is as a personal hub for everything I need to know and maybe a road map for friends who are looking to get into cyber sec, and your videos are gonna be blasted all over it just from how informative they are and how they bridge the gap between online stuff and the real world! Thank you❤

    • @madhatistaken
      @madhatistaken 1 year ago

      Thank you for all the support!! I subbed to THM and will continue the series 💚 There are a few sections I think will teach me a few things. Maybe YouTube's algorithm will push out my stuff so more people can follow along 😅 #cyberarmy

  • @anthonymorgan1969
    @anthonymorgan1969 1 year ago +2

    Stumbled across your channel a couple of days ago and I've been slowly going through your videos.
    You're doing some great work with these videos, the content is A+ and relatable.

  • @Strive117
    @Strive117 1 year ago +1

    I really liked how you included tools / techniques you actually use at your current position. It will allow me to really look into those specific areas and try to learn enough to land that first SOC job.

    • @madhatistaken
      @madhatistaken 1 year ago +2

      Thank you for watching! I'll keep trying to highlight the stuff I do in my current position in future vids 💚 It's amazing how much more I've learned about the day-to-day functions needed in just 6 months compared to my 4-year degree for this position.

  • @richscaglione
    @richscaglione 1 year ago

    Thank you, Mad Hat. I spent quite a bit of time trying to figure out that last exercise, and I finally decided to check what was going on, and you made it clear there were no correct answers!! Thanks again.

  • @SpanishBlueRoses
    @SpanishBlueRoses 1 year ago

    This is so good. I have only started looking at cyber security and this series is a great start.

  • @a_very_distressed_fed
    @a_very_distressed_fed 11 months ago

    Hey MadHat, just checking in: you should reorder the playlist listing. This is the first one that shows up at the top, followed by the actual intro video. Thank you.

  • @Jason8779
    @Jason8779 1 year ago

    Thank you for the content. I am a Cybersecurity student. Your videos are very helpful. God bless!

  • @asnigirev
    @asnigirev 1 year ago

    Hey Mad Hat, love your channel, entertaining and informative. Keep it up!

    • @madhatistaken
      @madhatistaken 1 year ago

      Thank you for watching and the support! I'll keep trying to release helpful stuff! 💚

  • @darrylwest3106
    @darrylwest3106 1 year ago

    Please can you continue the series?

  • @halima6960
    @halima6960 1 year ago

    Thank you so much, I was stuck at Task 3; everyone else had Host Europe GmbH, and it is wrong.

  • @traderindrajith4667
    @traderindrajith4667 1 year ago

    I literally came here searching to see if someone could say why I'm always wrong with the Task 9 practical. But lol😅😅.. this is wrong even if we set the pyramid right..!! Thank you for the video, brother..!! 🙂
    Saw the outro timestamp on your video..!! Thank you for the affirmation that the knowledge we get is worth the subscription. I have been following the learning path suggested by THM for the past 50 days to get started with cyber sec and get into cyber sec careers.
    Subscribed to you now, bro..!!😊😌

  • @franklinmccullough85
    @franklinmccullough85 1 year ago +1

    I forgot to ask on your last video, but do you have a few preferred feeds you follow to stay up to date with new events?

    • @madhatistaken
      @madhatistaken 1 year ago +4

      I like listening to podcasts as I can stay up to date while driving, jogging, or doing chores around the house. I listen to the CyberWire Daily podcast primarily and have the "Cyber Security News and Alerts" app on my phone, which gives me notifications on emerging threats/news. At work, we're given a lot of links to articles from other intel-focused analysts from sites like DarkRead, CyberScoop, TheRegister, PCMag, and random other sites. I'm going to try to make a video soon on how to stay updated in the field, as it seems like many could benefit from some direction on available resources 💚

  • @shafialanower3820
    @shafialanower3820 1 year ago

    What are some of the tools you have used so far in your job, and what are some of the most common threats you have encountered? Thank you!!

    • @madhatistaken
      @madhatistaken 1 year ago +4

      The tools I've used so far are an AI-driven email filter, two EDRs (one AI-based and the other signal-based), a SIEM, an enterprise firewall that sends logs to the SIEM, and a CDN (but only my boss and one other senior analyst handle this tool). The MOST threats I have to deal with are honestly phishing campaigns (trying to get people to enter credentials and install malware). There are large amounts of bot activity hitting our network that my boss/senior analyst have to deal with through the CDN. Other than phishing, I just have to make sure that stuff people install on their work devices isn't malware and that no out-of-the-ordinary commands/changes to a host are made. Nearly all non-phishing-related tickets are false positives, like 99% of them, and the 1% are greyware/PUP installations where we reimage the host just to be safe.

  • @famil1289
    @famil1289 1 year ago

    Why don't the other IP addresses and domain names count as the one that is being connected to in the IP address questions?

  • @fotenks
    @fotenks 1 year ago +1

    I wasted so much time on Task 9 not knowing it was broken. So irritating.

    • @madhatistaken
      @madhatistaken 1 year ago +1

      My gaming nerd rage could not deal 😅

  • @ankitsharma-rc5xr
    @ankitsharma-rc5xr 1 year ago

    Thanks mate!

  • @tonycns
    @tonycns 10 months ago +1

    Which is better, this or the HTB SOC course?

    • @madhatistaken
      @madhatistaken 10 months ago +2

      HTB is more difficult, so probably that one. I'd recommend doing both 😁

  • @MFmyk3
    @MFmyk3 1 year ago

    You mention trying out Wireshark and testing it out on websites to monitor traffic. Isn't that illegal? And would potentially sniffing network traffic using Wireshark trigger an alert for network hosts, like a SIEM or from an ISP? Is there any way that it can be traced back to you?

    • @madhatistaken
      @madhatistaken 1 year ago +4

      As far as I know, capturing traffic being sent to your computer when you visit websites isn't illegal? You're just seeing what you're expected to have access to. Now, altering the packets and sending them to the website would be a different story...😅

    • @MFmyk3
      @MFmyk3 1 year ago

      @madhatistaken Ah, you mean your own traffic from the site, not monitoring the general public traffic of the site lol, that makes sense. Love your videos man, keep it up. I'm making my way through the SOC challenges, and it's a lot to learn. Though I can't wait to start using the tools.
      As an analyst doing detection: if an adversary used WS on your network for recon, would that trigger an alert for that type of monitoring?

    • @madhatistaken
      @madhatistaken 1 year ago +3

      @MFmyk3 We have a massive WAF that would detect any malicious packets coming in, but just sniffing the packets on the user's end we would not notice, to my knowledge, as that's passive recon. Since WS shouldn't alter the packets on its own, it just provides the information contained in them, it shouldn't raise any red flags going back through the WAF.

  • @Devildoc512
    @Devildoc512 1 year ago

    Damn, I am learning a lot

  • @Crisp_Crow
    @Crisp_Crow 1 year ago +1

    Do you have a Discord server?

    • @madhatistaken
      @madhatistaken 1 year ago

      I sadly do not right now; I don't know how much more value I could provide outside of my video content currently. I've got my hands full with work and am about to have 4 kids 😅 but if I ever go full-time YouTube (a pipe dream at this point) I'd make one.

    • @Crisp_Crow
      @Crisp_Crow 1 year ago

      @madhatistaken
      If you ever wanted to make a passive server, just lmk. I could help and manage it for you 👍

  • @kc9325
    @kc9325 1 year ago

    Insert goat emoji here. Question: do you use Splunk at all? I'm hearing this is a heavily used SIEM to learn.

  • @Thatsrealnice
    @Thatsrealnice 8 months ago

    Thank you

  • @Luizsemcriatividade
    @Luizsemcriatividade 5 months ago

    Thanks from Brazil

  • @donnie3411
    @donnie3411 1 year ago

    Aye baby. Let's go!!

  • @rf9562
    @rf9562 1 year ago

    Excellent work! I appreciate the effort you're putting in. However, I must admit that it can be quite overwhelming. It seems like one would have to know all of this information off the top of their head, which can be daunting, especially for beginners. Nonetheless, I look forward to seeing more of your work.
    Would you be willing to consider running and using TryHackMe in a VM to mitigate any potential security threats that may arise from the numerous links and possible malicious code?

    • @madhatistaken
      @madhatistaken 1 year ago +1

      It's definitely overwhelming at first, but the more often you perform the tasks, the easier it is to recall all the different artifacts you need to check and what sites to use. The site doesn't provide malicious URLs (as far as I know 😅), and if they do, I know they have sandboxes for different sections. That's the beauty of the subscription version: you get access to all the fun VM modules.

  • @maratmkhitaryan9723
    @maratmkhitaryan9723 1 year ago

    4:31 Right now the HTTP requests are GONE. HOW CAN YOU PASS THE TEST WITHOUT GOOGLING!? This is so retarded of TryHackMe!!