Really like how you not only covered tools but also resources that you can use to get more hands-on practice with them, whether it’s through investigations or home labs. Also, liked how you brought up the context that it’s great to know the tools but it’s more important to understand the value behind them and when it is best to use them. Overall, great explanations and really well done, great job!
Great video! I appreciate how you call out the fact that tools are only as good as what you use them for. I’d love to see a video about your way (or various ways you know) of approaching an investigation and the thought process that goes into each step. Keep up the great work!
Thanks! I have something similar coming out which is going through a PCAP. I do like the idea of talking about the thought process. Great suggestion ❤️
Thank you for all the content. It helps us a lot in the defensive security Blue Team community. Normally there is little information on social networks. A hug.
Great content. No tool will cover everything... and none are 100% perfect. You are right when you mention a SIEM is not required... now we have hyperautomation as a "new" trend SIEM killer. Sometimes tools go hand in hand with required compliance like HIPAA, GDPR, etc.
@MyDFIR but so many tools. Which IPS/IDS would be best, Suricata or SolarWinds? EDR: CrowdStrike or … lol. But job-wise, learn Splunk and Wireshark and see what IPS/IDS and EDR the company uses.
@RandyAinsworth-tx6vn Agreed, which is why at the end of the day, a tool is just a tool. Understand the use case and pick one that fits the business budget. As long as a tool can provide visibility, has logging and the ability to search within the tool, that is a good tool. To make it a great tool, have responsive capabilities.
Great question, for laptops you really need about 16GB+ RAM and the more the better. I don’t really have a particular brand I recommend, however a lot of my laptops (current & previous) are MSI laptops used for gaming. 😂
Your "Next Steps" page for your mentorship is asking for additional information but there are no input fields. Update: I just received an email. I will respond that way.