TCM Security

We're pumped to announce our latest blue team course, Security Operations (SOC) 101! A lot of you have been asking for more blue team content, and we're excited to finally deliver. Big shoutout to Andrew Prince for making SOC 101 a reality. The future's looking bluer than ever— but in a good way! This course is packed with everything you need to crush it as a T1 or T2 SOC Analyst, from phishing analysis, digital forensics and incident response to threat detection, log analysis, SIEM management, and more. Will you be taking it? Let us know if you're in! 🔷 https://lnkd.in/gUHm4m7U

Finish this week strong, fam - and carry that good energy into your weekend. <3

Burp Suite plug-ins can take your web app testing to the next level, and in today's video, Alex is sharing 3 of his current favorites. https://lnkd.in/gb96SeTv 1️⃣nowafpls: This newer plug-in, not yet in the BApp Store, is a must-have according to Alex. Developed by Shubham Shah, it cleverly bypasses many web application firewalls by increasing the size of the requests, allowing them to go uninspected. 👀 2️⃣JSON Web Tokens (JWTs): Basically, you can use this plug-in to quickly decode, manipulate, and attack JWTs. 3️⃣Param Miner & JS Miner: Finally, this is great if you find yourself getting lazy when it comes to recon. Uncover endpoints faster - and get to the fun part of web app testing that much sooner! Have you tried any of these - or do you have other plug-ins that save you? Let us know in the comments!

August 22, 2024: Web Hacking: JWTs and Mass Assignment Join us for a live web hacking session that dives into hacking JSON Web Tokens and exploiting Mass Assignment vulnerabilities. The session includes introductions, setting up tools and live labs to be solved. About the Instructor Alex is a Web Application Security specialist with experience working across multiple sectors, from single-developer applications all the way up to enterprise web apps with tens of millions of users. He enjoys building applications almost as much as breaking them and has spent many years supporting the shift-left movement by teaching developers, infrastructure engineers, architects, and anyone who would listen about cybersecurity. Follow Alex on Social Media: https://lnkd.in/d-X6CmYq

When people think of a cybersecurity career, they often picture the adrenaline rush of red team operations—the l33t hacker. 👨💻 Thanks to the media, it’s easy to see why! But let’s not forget about the blue team—those behind-the-scenes heroes keeping organizations secure every day. 🦸♂️ SOC Analysts, in particular, play a crucial role. But what exactly does a SOC Analyst do? It’s more complex than you might think. Dive into this critical role that’s only growing in importance. Considering this as a career path? We’ve got you covered with our SOC 101 course: https://lnkd.in/gUHm4m7U

LIVE: DEFCON Diaries | Cybersecurity | Pentesting | Hacking | AMA Join Andrew, Tib3rius and Alex to ask anything you'd like about #DEFCON. We livestream at 12 PM ET every Wednesday, so please subscribe to see the next time we're live!

Meet Andrew Prince, the driving force behind TCM Security’s recently released SOC 101 course. (https://lnkd.in/gUHm4m7U)   With expertise in security operations, incident response, threat hunting, vulnerability management, and cloud infrastructure security, Andrew brings a well-rounded approach to cybersecurity. His background in development and system administration gives him unique insight into creating robust security strategies that work from both offensive and defensive angles. Beyond his professional achievements, Andrew is also passionate about the security community. He actively develops Capture the Flag challenges, builds security trainings, and shares his knowledge to help others. We’re thrilled to have Andrew on our team, helping to guide the next generation of security professionals! Have you started SOC 101? Let us know in the comments!

Alex Olsen shares a quick code you can use during your next internal pentest to get credentials. Watch and learn and catch Alex on livestream tomorrow!

Don't pass up this opportunity to potentially grab a TCM Security voucher! 😍 P.S. Speaking of incredible humans, Angela 🌌 B. (creator of the Practical Junior OSINT Researcher cert) is absolutely one!

Thanks to everyone who came out to our booth at the IoT Village at #DEFCON 32! It was SO awesome to meet so many of you—whether you were trying your hand at IoT and hardware hacking, learning more about what we do, watching Andrew Bellini present on Sunday, or just chatting with us about what being part of the TCMS community means to you. We treasure these real-life connections. 🫶 Now, we’re looking ahead to Wild West Hacking Fest in Deadwood. Have a great weekend!