Welcome to my Twitter. I believe in living a balanced life. I tweet about WORK: cybersecurity, incident response, speaking engagements, work documents. Then there is a SIDE B: advocacy, family, entrepreneurship, friendship, life in general, happiness, thoughts, well-being.
It’s still November, and I decided to have one-on-one conversations with the team. I asked them to share any behaviors or attitudes they feel uncomfortable with or dislike. I received some honest and valuable feedback.
No matter how powerful the Cloud is, it's still not safe from breaches. If an organization is moving towards a digital transformation strategy — incorporating cloud-based tools and services as part of their infrastructure — they need Cloud Security.
In the Infosec Survival Guide: GREEN BOOK, @klingbilek talks about Cloud Security and its responsibilities, as well as resources and tools to aid you as you defend the Cloud!
If you'd like more helpful educational content, check out the Infosec Survival Guide: GREEN BOOK - blackhillsinfosec.com/prompt…
Resources:
ATT&CK Cloud Matrix - Use the ATT&CK® Cloud Matrix to be aware of tactics and techniques that apply to cloud-based technologies.
attack.mitre.org/matrices/en…
Use Center for Internet Security (CIS) cloud benchmarks to compare against your cloud configuration - cisecurity.org/cis-benchmark…
Comprehensive security guidance for cloud environments.
cloudsecurityalliance.org/ar…
Webcast:
Cloud Security: Why Endpoint Still Matters - youtu.be/6UxjQYIksBQ
In Cloud We Trust: Common M365 Attack Techniques to Bypass Defenses - youtu.be/WKuX5QjCapA
How I started my summer vacation: Navigating My First Incident in the Cloud - youtu.be/alZNMmgezRU
Cloud Pentest Apocalypse - youtube.com/playlist?list=PL…
Reconnaissance: Azure Cloud - youtube.com/live/w1DkzNi4bu0
Tools for Defense:
Cloud Auditing Tool - works on all major cloud platforms. Quickly gathers configuration settings and highlights areas of risk. github.com/nccgroup/ScoutSuite
Post-Exploitation toolset using the Microsoft Graph API. Recon, persistence, and data theft.
github.com/dafthack/GraphRun…
Find gaps within Azure MFA requirements.
github.com/absolomb/FindMeAc…
BloodHound data collector, Microsoft Azure. github.com/BloodHoundAD/AzureHound
Azure AD hacking and admin toolkit.
github.com/Gerenios/AADInter…
Cloud Security Courses from Antisyphon:
Breaching the Cloud With Beau Bullock - antisyphontraining.com/cours…
Securing the Cloud Foundations with Andrew Krug - antisyphontraining.com/cours…
If we think about it more deeply, electing good leaders in government is incredibly challenging. Perhaps it’s more effective to focus on the micro level, where we give 100% of our effort to ensure that every member of our family becomes a responsible and caring citizen.
Thank you for your service, Sir! These were the words from my SANS 508 trainer as he presented me with the 508 coin. It was a great moment, especially since he was a foreigner and had remembered this detail after I introduced myself at the start of the class.
Whew! It’s been 4 to 5 years since I last built and installed a web server from the ground up to a fully functioning web environment in the cloud. This included setting up TLS, a database, and, of course, implementing security measures.
I was supposed to attend today’s recognition day for our Government Chief Information Officer (GCIO) batch, but it was not possible. We graduated from the UP Master of Technology Management program last July.
My experience in South Korea over the past few days for the CAMP event has been wonderful. This is my second visit here in South Korea and my second time attending the CAMP 9th Annual Meeting. #southkorea #CAMP2024
The time will come when we'll read about local cybercriminals, people who like to laugh at hacking incidents, and those who say sue here, sue there, being surprised to find that their own family members work there or lost their jobs because of the incident.
It was a great week. 1. First day of Ramadan, 2. had a three-hour talk at Philippine Commission on Women, 3. decided to handle a priority incident. Learned something new on modsec_audit log investigation plus Cloudflare logs.