7MS #397: OPSEC Tips for Security Consultants
Jan 23, 2020 • 37 minutes
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
I'm working on a new security song called Don't Let the Internet Get You Down, and the chorus will go something like this:
Don't let the Internet get you down
It's full of trolls and 10 year olds and adolescent clowns
So let their words roll off of you, like water off a duck
To prove to them that you don't give a darn
On a more serious note, here are some opsec tips that hopefully will help you as a security consultant:
Good contracts - make sure your SOWs have lots of CYA verbiage to protect you in case something breaks, your assessment schedule needs to be adjusted, etc. Also, consider verbiage that says you'll only retain client testing artifacts (hashes, vuln scans, etc.) for a finite amount of time.
Scope - make sure you talk about scope, both in written and verbal form, often! Also, a Nessus scanning tip: use the nessusd.rules file to not scan any IPs the client doesn't want touched. That way Nessus won't scan those IPs even if you try to force it to!
Send information to/from clients safely - consider forcing MFA on your file-sharing portals, as well as a retention policy so that files "self destruct" after X days.
....and more on today's episode (see 7ms.us for more show notes)!
Has 7MS helped you in your IT and security career? Please consider buying me a coffee!
Choose from the options below to listen and subscribe to 7 Minute Security in your podcast app of choice. By subscribing you will receive new episodes automatically.
Search for 7 Minute Security or copy the URL below and enter it in your podcast application.