Brandon’s the best

Brandon is a treasure. Love having him on the show.

That is awesome!

CEH provides a great intro into types of threat actors and TTPs but I would recommend looking into eJPT as well to provide hands on perspective.

Agree here. CEH is a book based knowledge. Pentesting is very much a hands on keyboard skill and this is why CEH is less respected upon by practitioners. eJPT is a good entry level cert.

By "book based knowledge" do u mean CEH is just theory? I'm new to all this.

It is. We were loading and configuring Lima Charlie edr. I’m still producing it. It was over 2 hours long. Lol

@@SimplyCyber oh okay.. thanks will wait for this 🔥

I think what Brandon was saying is believing that your detections are excellent because you just turned on a bunch of rules, but not knowing that they are one dimensional and brittle so likely not catching everything OR saturating you with false positives. Do not confuse it with being new to the area and learning. Everybody starts somewhere and nobody knows everything for sure. I really believe its more about the confidence of just downloading a bunch of other peoples rules and throwing them in your environment and feeling like the job is done without having the understanding of WHAT the rules are actually detecting on. This understanding is important.

Thanks so much! Brandon has so much knowledge in his area. Its a treasure trove!

SPlunk has a lot of free training on their site.