Page 1 of 1
Forum Actions

Topics   Replies Score Author Latest Post
Need to show how static analysis has value, to save my position. 0 P. Reali We use Autoruns on several clients to pull persistent mechanisms on clients endpoints, and we have alerts that present data to about 7 different people/shifts, with all "new" PM's on a device that they inspect for maliciousness using the hashes (for the most part).  That is our Dynamic analysis.  My position looks at all the autorun and registry entries, as well as the new PM's that were alerted on for the past 24 hours, on all endpoints, for all clients, the following day, in an effort to catch anything that was missing during the dynamic analysis.   My boss wants to do away with my static analysis because he doesn't see the value in it.  I know that these dynamic alerts could be pulled together to be used to identify attacks that utilize several legitimate processes, that may seem benign when seen by itself in an alert.  But, my boss wants metrics that show the value of my position.  I'm a bit overwhelmed with trying to show this to him.  I know there is value, but how and where do I find "metrics" that proof that my position really is valuable.  I haven't found a lot of malware, but I have found PUPs that pose a threat...and that treat could lead to malicious network connections. But that would hopefully be caught by those who analyze the network traffic.  I know there is value in seeing "all" the processes and files on an endpoint, I just don't know how to prove it. I really need help with this. I am 1 of only 2 women who work in this department and I feel like I just can not get their respect for my perspective, without some solid ground to stand on.  I need that ground!!  How do I prove this? with metrics?  Women's intuition is just not enough in this career!   thanks for any ideas! Kimberly
by P. Reali
Sunday, February 17, 2019
Static Code Analysis Tool for use within Continuous Integration 1 K. Thompson Hello Karen,I came on, a year plus after you asked with the intention of asking the same thing. So, how did it work out for you. I have a list of 6 third party software packages that we are reviewing.We also use Bamboo, and we are in the Microsoft world, .Net, C#, Visual Studio, Azure...I am interested how you made out.ThanksWendy
by W. Durica
Saturday, April 7, 2018
Technology Audit position(s) at Verizon 0 L. Eilers I hope this is allowed. I'm not an official recruiter and I won't make any money from this, I just want to give people a heads up about a job opportunity at Verizon. Verizon is looking for people with good technical skills in the areas of IT operations or applications reviews, network operations or security audits, SSAE16 or PCI compliance, and/or ERP security and controls review. This is a Technology Audit position - you bring the skills and we'll teach you how to audit. It's actually a lot of fun! I'm totally serious about this! http://www.verizon.com/about/work/jobs/5438331-technology-auditor Please feel free to share the information. I'd love to see some more women on the Technology Audit team. We're extremely outnumbered! :) 
by L. Eilers
Tuesday, June 28, 2016
DEFCON Roommate 0 V. Ho Hi Ladies! DEFCON is Aug 6-9 in Vegas!! I'm looking for a roommate to split hotel costs! I have a room booked at Planet Hollywood at a discounted rate but I'm on a budget :-) You can also email me at vho823@gmail.com
by V. Ho
Thursday, June 25, 2015
Help with Statement of Purpose 0 A. Hernandez Hello,  I'm applying for my Master's in Cybersecurity with a concentration in Digital Forensic at USF. I would like to get any suggestions, comments, or advise for my Statement of Purpose. I do not wish to write a generic essay, and will love to get your inputs and ideas, or experiences if any.  Thank you so much in advance, Ana
by A. Hernandez
Friday, May 8, 2015
need help with infosec assignment 0 t. martin I have to do an analysis of an online pharmacy system for security risks and need some assistance identifying the risks and appropriate controls. I need someone who has put together a security control map and has experience identifying risks related to CIA. Willing to pay $25/hr 
by t. martin
Tuesday, April 28, 2015
Work/LIfe Balance 0 W. Admin How are you dealing with it?
by W. Admin
Monday, April 27, 2015
New WSC Logo 0 W. Admin WSC is looking for a new look to represent the essence of women in cybersecurity. How would you, a women in cyber like to be represented? Do you have ideas? Please share!
by W. Admin
Monday, April 27, 2015