Understanding Security Operations Center (SOC) Types and Deployment Models

Technology exists to support the business goals of an organization. As advanced as technology gets over time, it still needs to be supported. Issues and complexity exist and need to be tended to, often on a daily basis. For general information technology, a help desk, service desk, or operations center is there to receive and…

Buzzword Bio – Software Defined Networking

For many years, networks were exclusively built, operated, and maintained as a grouping of individual devices. To build networks, we would log into devices individually and manually, or by using some sort of scripting solution. For network operations, each network device had to have its own knowledge of the picture of the network. Each device…

Buzzword Bio – Macro/microsegmentation

Using the network as an enforcement point for security policy is a concept that has been around for a long time and does not seem to be going anywhere. Since traffic is already traversing the network, it is a natural point to either allow or deny network packets. Also, with the importance of defense in…

Buzzword Bio – SASE and SSE

The ‘Buzzword Biographies’ is a blog series that takes a look at popular technology industry acronyms and trends, and tries to explain and describe them. I personally struggle with what some of these terms and trends really mean, so I have done some research and shared what I learned in an attempt to help others…

The ‘Way Too Late’ Cisco Live 2023 Recap

As usual, time has gotten away from me, but I attended Cisco Live in Las Vegas this summer and wanted to share my experience through a blog post. This year’s event was very much about the people for me, and I was excited to get to go so that I could meet new and reconnect…

Security+ Journey – Prying Eyes

The internet allows us to have the proverbial ‘world at our fingertips’. We have almost immediate access to countless amounts of information at practically any given time. While this is great, it can definitely be seen as a double-edged sword. Being on the internet often means disclosing information about ourselves in order to get access…

Security+ Journey – Gone Phishin’

As brought up in the social engineering post in this series, while attacks can rely on sophisticated payloads to accomplish malicious goals, oftentimes the point of entry is an action taken by an unsuspecting human. In that social engineering post, I also highlighted that humans are the last line of defense for an organization, in…

Security+ Journey – Social Engineering

In today’s day and age, attackers and defenders can both be very sophisticated. Threat actors can have ways to obfuscate their attacks and exploit zero-day vulnerabilities. Conversely, defenders can leverage defense in depth to put multiple layers of defense between valuable assets and attackers. However, at the end of the day, there is a…

Security+ Journey – DNS for Recon

For attackers and defenders, tools are very important. If a threat actor does not know much about a potential target, they will need to perform some reconnaissance. There are many tools out there that can be leveraged for recon, some of which are readily available on popular operating systems. These tools are not necessarily built…