Preview Mode Links will not work in preview mode

7 Minute Security

Aug 27, 2022

Today's episode covers three remediation-focused topics that kind of grind my gears and/or get me frustrated with myself. I'm curious for your thoughts on these, so reach out via Slack or Twitter and maybe we'll do a future live stream on this topic.

  1. How do you get clients to actually care when we explain the threats on their network that are a literal 10/10 on the CVSS scale?

  2. Password policies - they're not just as easy as "Have a password of X length with Y complexity."

  3. Fixing the various broadcast traffic and protocol issues that give us easy wins with Responder and mitm6 - it's more nuanced than just "Disable LLMNR/NETBIOS/MDNS and shut off IPv6." This article discusses these challenges in more detail.