.

[Article]-Webcast: Deep Dive into Red Teaming with the Metasploit Framework

<<

sil

User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Mon Mar 21, 2011 12:44 pm

Re: [Article]-Webcast: Deep Dive into Red Teaming with the Metasploit Framework

Man... I'm going to have to teach some of you reverse management engineering. This is the art of getting management to let you do what you need to do...

E.g.:

Manager: (CFO mind you): "You need to be doing X tomorrow at noon"
Me: "Sorry but I can't. Unless you haven't heard... PCI changed the rules as did FINRA within the last 6 weeks. I seriously need to focus on keeping our clients in compliance. Therefore tomorrow I have SIEM + Security projects on the board, you will have to shift X to about 3PM. It's definitely mission critical I remain free tomorrow until 2PM earliest. We need to ensure I understand all I need to know about concepts, methodologies in this field if you wanna keep managed security services in order"


Works all the time... However, it works for me. I'm a stickler on project management (and yes I have studied PMP + ITIL for those wondering). I almost always try to make things a business case since that's all bosses care about at the end of the day. When it makes sense to them financially, you're talking their language. Not trying to explain why you need to understand core concepts and alternatives for pivoting into multiple meterpreter shells
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Mar 21, 2011 1:06 pm

Re: [Article]-Webcast: Deep Dive into Red Teaming with the Metasploit Framework

Yeah, sil...  :D

I'm generally good at the same.  Only difference for me THIS time, is that I'm bound by contract (at my primary job) to multiple customers.  When they have issues, I'm on call to them, 24x7.  And tomorrow, one happened to book the same timeframe for an investigation of an issue, that requires my assistance.  If it somehow frees up, I'll be watching the webcast, else, I won't.

Oh well...  At a minimum, I'll catch the recording!

Edit:  oh, and I liked the article you (sil) posted the link for, a couple of days ago.  You did a great job!  (Just been so busy, I hadn't had time to tell you.)
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Mon Mar 21, 2011 2:04 pm

Re: [Article]-Webcast: Deep Dive into Red Teaming with the Metasploit Framework

I actually have 3 conflicts tomorrow. Conducting job interview (this will be the 37th candidate we've interviewed, background checks take too long and candidates always find other work by the time we clear them) which I'm happy to miss, (2nd round anyway, I already assessed their technical chops, this one is the touchy feely culture interview) is the first.

PCI panel thing, I could have smacked my boss. He gets an email from a fellow CIO at sister organization with an invite for a PCI summit/panel focused on parking revenue systems and he says that "maybe" he will send his "PCI guru". He refers to me that way sometimes and I always tell him I'm not a guru, I'm constantly looking up requirements because i can never remember exactly what the SSC had to say on topic X. but now the requester has me listed on the agenda as a PCI guru and several sister organizations are clamoring for my presence, and they don't even know me. Oh and apparently I'm supposed to answer questions, at least I don't have to give a presentation. Tomorrow is going to suck as their expectations are dashed to pieces.

Sil, your strategy works usually, but when my boss has extended an offer to a group of his peers, nothing else matters. Hayabusa I feel your pain, some things are just out of our hands.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

jsm725

User avatar

Newbie
Newbie

Posts: 36

Joined: Mon Mar 22, 2010 5:13 pm

Post Tue Mar 22, 2011 10:34 am

Re: [Article]-Webcast: Deep Dive into Red Teaming with the Metasploit Framework

I will be attending. 26 minutes to go...
CISSP, PCI-QSA, OSWP
Previous

Return to Special Events

Who is online

Users browsing this forum: No registered users and 1 guest

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software