Share this page!

Maybe Scrolly?
Chris Sanders 🍯 Profile picture
Twitter logo
20 Dec, 8 tweets, 3 min read
We had a big fundraising weekend -- we're past 50K in donations which unlocked another 10K bonus from our friends at Blackthorne Consulting and a SECOND Golden Ticket to be drawn and given away.
The Golden Ticket fundraiser ends on Friday. You can win a free seat in all my
@NetworkDefense training, more training from @DragosInc @TrustedSec, all my signed books, and more.

Entry information and full prize list here: chrissanders.org/2021/12/golden…
This also means we're only $7K from a massive 15K bonus, and within shouting distance of the BBQ tier, where I'll personally cook a pork butt or brisket for the golden ticket winners.
Just think about it... this brisket could be yours. I'm talking about American wagyu prime brisket smoked all day with oak and cherry wood.
Now that we're all hungry... the BBQ tier means I will:

- Cook you either a brisket or pork butt (your choice). We'll pre arrange the date.

- If you're reasonably close to Gainesville GA/Atlanta I'll deliver it. If not, I'll ship it (this can only be for US based winners).
Of course I'll help you eat the BBQ too, but that's optional.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chris Sanders 🍯

Chris Sanders 🍯 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @chrissanders88

Chris Sanders 🍯 Profile picture
21 Dec
It probably won't be a surprise that my favorite movie of all time is Willy Wonka and the Chocolate Factory (1977). I get asked about that a lot this time of year. Tis the season, so let me to tell you why I love it so much... Image
You know that scene where everyone walks into the candy room and everything is edible? That magic in everyones eyes? The magic that you probably felt too when you first watched it?

I feel that magic when I watch it and that's the same magic I felt as a kid when I saw a computer screen light up or a circuit board spring to life.
Read 21 tweets
Chris Sanders 🍯 Profile picture
9 Dec
Golden Ticket update! We're just a hair shy of our $20K goal which unlocks a 10K bonus from @TrustedSec.

Help us get there by donating to @RuralTechFund or your local food bank and forwarding us the receipt. You'll be entered to win nearly $20k in free training and prizes.
The list of prizes and all the details on how to enter are here: chrissanders.org/2021/12/golden…
We just hit our $20K goal! That comes with a 10K match from @TrustedSec, who are also providing a free seat in one of their training courses to the golden ticket winner. Thanks @HackingDave and crew!
Read 4 tweets
Chris Sanders 🍯 Profile picture
9 Dec
Big news!

After a long wait, I'm excited to publicly release my doctoral dissertation, "The Analyst Mindset: A Cognitive Skills Assessment of Digital Forensic Analysts".

You can download it here: chrissanders.org/2021/12/disser….
In the accompanying blog post, I also talk a bit about how I came to this research area, why I think it's important, and a little bit of what's next. While my doctorate is a terminal degree, my dissertation is a beginning toward more things to come. 2/
With that in mind, let me walk you through a high level overview of my research and findings here. This will be a long thread and pretty high level since it's nearly a 200 page document. 3/
Read 53 tweets
Chris Sanders 🍯 Profile picture
8 Dec
Folks often ask me about the most important data sources for network defense. That question usually requires some unpacking and winds up as one of these:

1. Most important for detection

2. Most important for analysis

3. Most important for career growth

1/
I wrote a whole chapter about choosing the best data sources for collection in my book Applied Network Security Monitoring. I distinguished between detection and investigative value, but I think I would approach that chapter a bit differently if I were writing it today. 2/
In Applied NSM I introduced something called the Applied Collection Framework. The gist was that you should assess your fears and risks to the network that you're defending and work backwards from that to identify important data sources. 3/
Read 21 tweets
Chris Sanders 🍯 Profile picture
7 Dec
My friends, the come has come. This holiday season I'm giving away a golden ticket that grants free entry into ALL my training courses and tons of other amazing prizes.

All the details are here: chrissanders.org/2021/12/golden…
If you find my golden ticket, you win:
- A free seat in every @NetworkDefense training course
- A free seat in one course to give to a friend
- A signed copy of all my books
(more...)
- 2 free seats in @DragosInc “Assessing, Hunting, and Monitoring Industrial Control Systems” course (in person or online, for you and a friend)
- A free seat in a @TrustedSec online course
- A super secret and totally awesome prize from me

That's nearly $20,000 in prizes.
Read 20 tweets
Chris Sanders 🍯 Profile picture
16 Nov
The most common action an analyst will take is performing a search. Usually in a tool like Security Onion, Splunk, Kibana, and so on. The second most common action an analyst will take is pivoting. That term gets used a lot, but what exactly does it mean? 1/
In the investigative context, analysts pivot when they perform a search in one evidence source, select a value from that search, and use it to perform another search in a different evidence source. 2/
For example...
1. An analyst searches in flow data to see who communicated with a suspicious IP.
2. They get a result and identify a Src IP.
3. They search in PCAP data for the Src IP / Dst IP pair to examine the communication. 3/
Read 20 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @chrissanders88 has new unrolls!

Check out other threads from @chrissanders88!

Read all threads by @chrissanders88

:(