SW – Content Plan
Content Plan for Security Weekly
In order to assist with content ideas across Security Weekly, we have published a list of topics.
These are higher-level suggestions. Choose a topic, tool. and/or technique in the area described (or a different tool that does the same thing), and present on it.
Please submit your information via our online form if you are interested in covering one of these topics https://securityweekly.com/guests/.
If you work for a security vendor, please see our appearance guidelines.
Virtual Training Topics of Interest
Virtual training sessions are 60 minutes long and include a deep-dive and how-to on a specific topic. These can be sponsored or not.
Hardware Hacking 101 | Wireless (In)Security | Pen Testing The Cloud |
Penetration Testing Tactics and Techniques That Actually Work |
Making The Most Out Of Open-Source Threat Intelligence |
Hack The Human: Social Engineering Tactics For Your Next Pen Test |
Reverse Engineering Malware | OSINT For Fun and Profit | Kali Linux Not-So-Secrets |
Embedded & IoT Hacking Tips & Tricks |
Bypassing Endpoint Protection(s) | Web App Scanning in DevOps Processes |
Breach and Attack Simulation | Securing & Protecting Applications in AWS | Building An Open-Source SIEM |
How To Threat Model For Better Security | Forensic Investigations For The Rest Of Us | Threat Hunting By Living Off The Land |
Building Effective Security Programs: Compliance, Process and Procedures |
How To Test Your Environment Against The Mitre Att&ck Framework |
How To Build an Incident Response Program with Practically No Budget |
Docker Deployments, Security & You |
Paul’s Security Weekly (PSW) Topics of Interest
Topics can be covered as a technical segment (45 minute how-to guide on how to accomplish something that will help people learn and apply skills) or an interview with the author of the tool or someone who is considered a subject matter expert (SME) in that area. These can be sponsored or not.
Building Secure-By-Default Containers | Storing Secrets In A Vault With Docker | Scraping The Web With Python |
---|---|---|
MS Office Macro Payload(s) | Tracking Security News and Research | Open-Source Attack Surface Management |
Encrypting Linux Volumes | Windows Local Privilege Escalation Example | Cool C2 Channels By Example |
Bypassing 2FA | Software Defined Radio | Metasploit |
Bloodhound (For Attack and Defense) | Python Tips and Techniques for Pen Testers | Linux Privilege Escalation Through Containers |
Web App Pentesting Tool | YARA | Threat Hunting (JA3, RITA) |
Flan Scan | Evilgrade | Scapy |
Nmap | OSQuery | RFID Hacking |
In addition to the topics above, these are red team/offensive specific tools of interest. These can be sponsored or not.
Privilege Escalation | Bloodhound | SpiderLabs Responder |
---|---|---|
DeathStar | Domain Password Spray | CredKing |
Chrome BackDoor | PowerShell Without PowerShell | Sneaky-Creeper |
The Havester | AD Explorer | FireProx |
Enterprise Security Weekly (ESW) Topics of Interest
Topics can be covered as a technical segment (30 minute how-to guide on how to accomplish something that will help people learn and apply skills) or an interview with the author of the tool or someone who is considered a subject matter expert (SME) in that area. These can be sponsored or not.
Tools For Dealing with CVE Data | Runtime Application Protection | Evaluating Endpoint Security |
---|---|---|
Recommending The Best Secrets Manager | The Security Awareness Program Cheat Sheet | Microsoft ATP (Advanced Threat Protection) |
Amazon Elastic Beanstalk for Security Testing | Group Policies For Security That Work | Powershell For Enterprise Defenders (DeepBlueCLI) |
Analyzing Email Phishing Campaigns | AWS Security Services | GuardiCore, Infection Monkey |
Threat Intelligence | MITRE Att&ck Matrix | Up and Running On Elk |
Vulnerability Management | Identity Management | Log Analysis for IoCs |
Cuckoo Sandbox | Nagios (Or Alternatives) | The Security Onion |
Securing O365 |
In addition to the topics above, these are blue team/defensive specific tools (or at least could be used by the blue team) of interest. These can be sponsored or not.
Logon Tracer | Sysdig Inspect | CredDefense |
---|---|---|
MISP Project | TheHive Project | Volatility |
Salt Project | Renovate | CrackMapExec |
Awesome Incident Response |
You can skip this ad in 5 seconds