This time, Robby has invited his most recent online friendship and the uncrowned king of open source, Simon Simonsen, to the podcast. Simon also happens to have a lot of experience developing and utilising security architecture defense strategies, or, as he calls it, utilising your home court advantage.
Simon has over a decade of experience in security and is working as a Senior Information Security Officer at the Danish energy trading house Danske Commodities (DC).
In his discussion with Robby, he explains his mostly open source approach to protecting his home court: using OODA Loops (Observe, Orient, Decide and Act) and working from the principle that as long as you know your network better than any adversary does, you should come out winning. He also shares his approach to making sure you do know your network better, as well as his own journey with OODA Loops.
Hunting ELK: https://github.com/Cyb3rWard0g/HELK
The Open Source Security Events Metadata (OSSEM): https://github.com/OTRF/OSSEM
Security Onion: https://securityonion.net/
Sentinel ATT&CK: https://github.com/BlueTeamLabs/sentinel-attack
Technical level: 4/5
Host: Robby Peralta