My friends, the come has come. This holiday season I'm giving away a golden ticket that grants free entry into ALL my training courses and tons of other amazing prizes.
If you find my golden ticket, you win:
- A free seat in every @NetworkDefense training course
- A free seat in one course to give to a friend
- A signed copy of all my books
(more...)
- 2 free seats in @DragosInc “Assessing, Hunting, and Monitoring Industrial Control Systems” course (in person or online, for you and a friend)
- A free seat in a @TrustedSec online course
- A super secret and totally awesome prize from me
That's nearly $20,000 in prizes.
Where can you find the golden ticket? It's found in an act of charitable giving; by helping others who are down on their luck or lacking opportunity.
To enter to win my golden ticket, make a donation of at least $20 to:
Every $20 you donate is another chance to find the golden ticket.
Forward your donation receipt(s) to goldenticket@ruraltechfund.org.
They must be dated between Dec 6th and Dec 24th.
You can enter as many times as you want, and the competition is open internationally.
The golden ticket will be revealed to the winner on Christmas day.
Now for even better news. This year we've partnered with other organizations that want to do good in the world. They are making additional contributions that unlock at different funding goals.
$5000: Unlocks $5000 on behalf of Alan and Maria Orlikoski
$50000: Unlocks $10000 from @blackthornellc AND unlocks the SECOND GOLDEN TICKET to be given away
$65000: Unlocks $15000 from an anonymous donor in memory of Sue & Ben Reeves
$75000: Unlocks the *BBQ Tier*.
$100000: Unlocks the THIRD GOLDEN TICKET to be given away.
What is the BBQ tier? I will personally cook BBQ for every Golden Ticket winner. That can be a pork butt or brisket (your choice). I’ll deliver it myself if you’re within a couple hundred miles of Atlanta, GA. If not, I’ll vacuum seal it and ship it (US winners only).
Thanks to my amazing partners for making all these reward matches possible. It's amazing what we can do when we all work together. I think we're going to do a lot of good in the world this year.
And finally, I'll also be drawing entrants throughout the next couple of weeks to win free signed books and individual course seats. You have lots of opportunities to win.
Here are all the details on a single page and a shareable graphic with all the prizes and contest details: chrissanders.org/2021/12/golden….
Good luck, my friends :)
Good morning! After our first day, we're just shy of our next goal -- 10K. A few hundred more dollars and we unlock a $5k bonus from our friends at @DNSFilter.
And with that, we've hit our 10K fundraising reward tier. That gives us a $5000 bonus donation from @DNSFilter.
Our next goal is to hit $20k raised, which will unlock a $10k bonus from @TrustedSec. They are also providing a free seat in their online training courses to the golden ticket winner! trustedsec.com/services/onlin…
Remember, you can make a donation to @RuralTechFund OR any food bank of your choosing (or both). Just forward us the receipt. Contest prizes and entry instructions here: chrissanders.org/2021/12/golden….
Worth noting -- if your workplace participates in a charitable donation service, you can donate through there too and forward the receipt. If there's a match, you'll get credit for that too. These are services like Benevity, Fidelity Charitable, AOGF, and others.
At last check, we've raised around $16K. Another $4K and we'll reach our next milestone which means a $10K bonus from @TrustedSec!
Folks often ask me about the most important data sources for network defense. That question usually requires some unpacking and winds up as one of these:
1. Most important for detection
2. Most important for analysis
3. Most important for career growth
1/
I wrote a whole chapter about choosing the best data sources for collection in my book Applied Network Security Monitoring. I distinguished between detection and investigative value, but I think I would approach that chapter a bit differently if I were writing it today. 2/
In Applied NSM I introduced something called the Applied Collection Framework. The gist was that you should assess your fears and risks to the network that you're defending and work backwards from that to identify important data sources. 3/
The most common action an analyst will take is performing a search. Usually in a tool like Security Onion, Splunk, Kibana, and so on. The second most common action an analyst will take is pivoting. That term gets used a lot, but what exactly does it mean? 1/
In the investigative context, analysts pivot when they perform a search in one evidence source, select a value from that search, and use it to perform another search in a different evidence source. 2/
For example... 1. An analyst searches in flow data to see who communicated with a suspicious IP. 2. They get a result and identify a Src IP. 3. They search in PCAP data for the Src IP / Dst IP pair to examine the communication. 3/
The gist of the findings is that folks are more likely to change their mind on a topic when asked to make a prediction about some facts relevant to the topic and subsequently finding out their prediction was false.
Further, the magnitude of the prediction error is notable:
"we found that prediction error size linearly predicts rational belief update
and that making large prediction errors leads to larger belief updates than being
passively exposed to evidence"
As one of my last doctoral coursework presentations, I spent time talking to my colleagues about the ethical dilemmas surrounding offensive security tool release. The outsider input was fascinating. Here's a thread to share some of that... 1/
Now keep in mind, my colleagues here are primarily educators. K-12 and university teachers, administrators, educational researchers, and so on. A few industry-specific education people as well, but none from infosec like me. 2/
My goal was to present the issue, explain why it was an ethical dilemma, and collectively discuss ethical perspectives that could influence decision-making. I withheld any of my opinions to let them form their own but gave lots of examples of OSTs and their use. 3/
Although I had met Alan, I didn't know him well. However, his signature hangs on my wall as part of the SANS Difference Makers award he had a hand in awarding me in 2018. 1/
From what I know of him, he was a big part of making sure this award existed because he believed that we should use technology to make people's lives better, and a lot of his life was committed to that idea. I think that's a sentiment most of us can get behind. 2/
When we think of people whose contributions shaped the state of education in computer security, Alan is likely in the top portion of that list. When you consider the transformative power of education on people's lives, it's easy to see how many people he impacted in some way. 3/
It doesn't matter if you don't have a lot of teaching experience as long as you are well-spoken. I'll work with you and teach you principles of curriculum design and adult learning to help turn your expertise into effective learning content.
Here are some comments from a few of our course authors who I've worked with during this process so far.