7MS #397: OPSEC Tips for Security Consultants

Jan 23, 202037 minutes


This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.

I'm working on a new security song called Don't Let the Internet Get You Down, and the chorus will go something like this:

Don't let the Internet get you down
It's full of trolls and 10 year olds and adolescent clowns
So let their words roll off of you, like water off a duck
To prove to them that you don't give a darn

On a more serious note, here are some opsec tips that hopefully will help you as a security consultant:

  1. Good contracts - make sure your SOWs have lots of CYA verbiage to protect you in case something breaks, your assessment schedule needs to be adjusted, etc. Also, consider verbiage that says you'll only retain client testing artifacts (hashes, vuln scans, etc.) for a finite amount of time.

  2. Scope - make sure you talk about scope, both in written and verbal form, often! Also, a Nessus scanning tip: use the nessusd.rules file to not scan any IPs the client doesn't want touched. That way Nessus won't scan those IPs even if you try to force it to!

  3. Send information to/from clients safely - consider forcing MFA on your file-sharing portals, as well as a retention policy so that files "self destruct" after X days.

....and more on today's episode (see 7ms.us for more show notes)!

Has 7MS helped you in your IT and security career? Please consider buying me a coffee!



Listen Now