Fundamentals That Time Forgot

BSides SLC · 2015 · 41:27 · 259 views · Published 2015-04
About this talk
A foundational talk on network security fundamentals often overlooked in practice. Covers essential concepts including security-minded thinking, visibility through tools like NetFlow and Splunk, proper scoping and baselines, and core technical skills such as reverse engineering, packet analysis, systems administration, and scripting that every security professional should develop.
Original YouTube description
We'll discuss the fundamentals of network security that many people continue to ignore as fundamentals. If you are new to security, or just need a refresher on where security meets exploitation, this talk is for YOU!
Transcript [en]

okay well let's start good morning this is remedial security for those of you that are in the wrong spot jason's laughing that's good at least there's one or two people that are awake this morning all right first of all we've got to answer three fundamental questions during this presentation who schedules a security conference on a saturday is is chunky dave even in here oh yeah okay hold on wait it gets better on my anniversary no less okay those of you that uh remember the early utah saint days anybody know the story about my anniversary in utah saint would you like to have my wife come up and talk about it she doesn't want to so i won't make her

but she's in the back by the way my wife is here where's your hand that's my wife kimberly and all that crazy noises you heard from the north east side of the building that was us it's anniversary weekend for us i'm just teasing that's probably way more than you cared about okay so we're on our anniversary and then some guy says hey you gotta talk at b-sides it's this guy right here and so if you haven't had an opportunity to talk to him as one conference organizer to another sometimes you don't realize how hard it is to run a conference so congratulations it seems like it's going off without a hitch so thumbs up so that's chunky dave

um this is about me i'm going to tell you some of the same information but tell some deeper stories about it we're going to talk about me for like 30 minutes just teasing all right so i'm troy jessup um i am a cissp an sscp a ccna a tpym wya and a firm subscriber of the who cares about certifications certification um my current roles uh i'm the organizer of the utah saint organization the founder and chairman chief researcher organized organizator that's a good word of saint con i might need a drink what where'd they go there's teas okay um i i work currently at the utah education network and i've been there for a long time doing associate director

of security and operations junk i also run a little business on the side which we call brush fire security which we do some security consulting and some other things from time to time a lot of people have asked me about what the heck is jupiter most people in the utah saint organization which is where most of you come from don't know me as jupiter this name precedes utah saint or coincides with it to a large degree this is the the the handle that i used to use when we were doing the capture the flag competitions at defcon so as we were doing those i was jupiter and all of the other people in the in

the group were different planets and nobody was uranus at all okay so anyways that's me hopefully most of you know who i am and i don't need to go into any more details i wanted to just talk about network fundamentals or network security fundamentals but i also wanted to give a quick plug this will be the only real plug for saint con during this presentation uh saint con is a network security conference how many of you don't know what saint con is let's just poll the room okay next slide okay security fundamentals um and when i kind of joked about it being remedial i kind of meant it a little bit so here's what here's what

you get uh for security fundamentals head plus wall plus momentum equals ouch right you guys ever beat your head up against the wall before physically like in real life maybe probably as a kid or something well this is what security seems to be like right now this isn't the head beating up against the wall thing and i have to kind of look at it from behind here but it's a cute little animation of somebody just kind of taking the beating because somebody else knows so much better how to do things right how many of you guys feel like the guy on the the left sorry um and you're always just tearing it up doing really good security stuff and

you're just pwning all those hackers out there okay and then how many of you guys feel like the guy on the right who's just getting pwned all the time and you just don't even care anymore right so let's start out here let's talk about people okay security-minded people one of the first fundamentals we're going to talk about is being a security-minded security geek okay what kind of security resources do you need in today's day and age okay found this picture on the internet look cool okay so who's the fat guy doesn't matter right but they're the ghostbusters right what kind of security staff do you need you've got how many of you guys work in

an organization that has a formally defined network security office department or otherwise okay what the rest of you guys do you fight security from the it department don't you yeah okay that's right okay so but for the purpose of this slide what i wanted to do is just bring up the the the point that uh for security for for your security group sorry i'm losing my train of thought only because hold on my phone keeps buzzing in my pocket somebody sending me illicit messages

no it's not but somebody wants that picture so anyway yeah i'll send i'll send out a link afterwards or something for it somebody evidently knows my phone number okay so security geeks we all need to have security geeks but the security-minded person doesn't stop there one of the things that i want to talk about is that you also need security-minded system administrators dbas other things like that right it's a security fundamental if you're doing security in an organization and you're the person in charge of security whether that be through divine intervention or edict right or whether because or whether it's because you decided that hey i'm interested in this stuff and i'm going to work on it

or whether you don't really care and you're here because you've heard about this really cool con you need a good security-minded people so let's talk about them for a minute security is a state of mind how many believe that okay it is it's truly a state of mind it starts with this ignorance the bliss of not knowing or not wanting to know how many of you guys fit your fit yourself into this category right here i mean legitimately like hey you know what ignorance is bliss my wife's raising her hand in the back okay so ignorance is bliss we don't care do we know if the hackers got into our main database servers do we do we care right well first of all

ignorance is not bliss and for those of you that don't understand the the not sign in there not equal to okay then we'll talk about programming and how important that is a little bit later okay so the next level of a security state of mind as we go through this progression so we have the ignorance and ignorance is bliss useful users or people and then we have the ins the insightful people so they have a basic understanding of what is out there and what to watch out for to keep themselves safe okay how many of you guys fit into this category okay so you're aware that you know people from nigeria send you an email and

you know those basic things that have been around since the dawn of time that might have finally made it to your ears i don't mean that sound derogatory at all but um but being insightful okay most users in the computer industry these days fit into this category they're the ins they they know not to click on things in emails they know that antivirus is a good thing they don't know why but it's a good thing um and and they know that they have to vpn in to get to all their stuff at their office and their they hate you for it okay then comes this level the educated version or the educated people okay knowing enough to be able to speak out

about it but lacking some practicality okay how many fit into this category okay so a lot of the presenters up here probably consider themselves to be educated they're probably a little bit farther down the scale here as we go down it but um educated i consider myself to be pretty well educated in network security some something that i've been doing for a long time um i can speak about it i can stand up here and tell you about security fundamentals get really boring with some stupid slides like this watch james say hey why is one side of the screen brighter than the other it's okay james it's okay it's all it's ocd for all of us okay so

educated next one scared okay how many of you are to this level okay hopefully that work you know we're kind of going through the scale here how many are scared about network security because at this point you know with real understanding about network security comes real fear um once you realize uh that your fear is actually warranted i mean as you go throughout your day and you're you're whipping out your swords and you're in battle with the miscreants out there in the world uh it's a real battle it's constantly waging there's not a time anywhere day or night 24 hours a day seven days a week 365 and a quarter days a year that you're not being bombarded

on your networks or on your systems looking for holes vulnerabilities and other things to get in get your information take it out and do things like do things with it so a lot of us are in that scared mindset right okay keep going there's a couple more there's the paranoid okay now you guys might be multiple parts of these right so how many of you are paranoid about security okay this is the sweet spot okay on this entire scale this is the sweet spot this is where you want to be you want to be paranoid so this is where i consider myself to be as paranoid this is a healthy place believe it or not i mean paranoia in general isn't

healthy but for security purposes it is um but paranoia for security people is healthy uh for you and for the organization that you're protecting so security mindset paranoia okay and then insanity okay now you've gone off the deep end now you've unplugged yourself from the internet you've decided that okay this isn't even worth it anymore but there is a fine line between paranoia and sanity don't let the insanity take you okay insanity i've got another one of these things when you put two equal signs together in programming language that means what equal to okay just making sure that this wasn't just i'm sure it's not but insanity equals worry if you worry too much you're going to do things like have

knee-jerk reactions to issues incidents and other things that happen on your networks and you're not going to make good decisions so worrying about every little thing that you cannot get to but knowing let's see but you know makes you vulnerable who cares i i probably was tired when i wrote that slide okay so here's this completely meaningless scale that shows all of those mindsets from ignorance through educated through scared paranoid and insane it's okay it doesn't i don't even know what the graph represents i thought it would be a really cool visual but most people hang out in ignorance mode a couple people are well educated a few more fit into the scared and it's very

interesting that there's not very many that are paranoid in fact when we even raised our hand how many you're paranoid now you're all gonna raise your hands like yeah we're gonna screw up your scale okay but fundamental number one okay so we've kind of prefaced it with this is having good paranoid security-minded people but that also that but that means having those types of people in every aspect of your technology within your organization that doesn't mean just having security people in the security department why do why is it important this can be a little interactive why is it important to make sure that you have a good security minded system administrator anyone

so to quote him to because the dingbat would leave the stupid default settings on the piece of junk server right that was a direct quote okay right if you don't have security-minded system administrators or security-minded dbas and security-minded accounting people what's going to happen they're going to circumvent all of the protections that you put in place by opening up telnet on some stupid server and saying hey i'll just get to it from home from time to time so that i can work from home right okay so let's talk about fundamental number two okay tools and monitoring excuse me so tools um how many of you guys would say you have a really good subset of

tools to help you monitor and manage network security okay a couple of hand shakers out there right so what are the rest of you guys doing you're blissfully ignorant of what's going on okay well so let's talk about it a little bit tools specifically in the security industry are there to make your jobs easier to make processes for managing security easier and so some of the essential tools i'm not going to put a lot of names uh to these because there's a lot of sponsors outside they'll be happy to talk about many of these solutions with you uh under different names but let's talk about some of the fundamentals okay do you guys have network traffic monitors

within your network are you monitoring traffic do you have the ability to pull a packet capture off the wire if you needed to you have the ability to see that hey all of a sudden i went from two megabits a second which hopefully maybe you have more traffic than that but whatever two megabits a second all of a sudden i'm doing 200 megabits a second and we have no idea why right how many of you would notice something like that where's your hand so all of a sudden your network traffic went whoop how many of you guys would notice that okay that's good what would the rest of you guys do be blissfully ignorant that's i don't mean to beat you up

that's not my point here okay but network traffic monitors okay i'll talk about a few of those here in a minute log management systems okay how many of you have a log management system what are they good for somebody yell it out nice job i bet that took never mind log management system right what kind of logs are you sending to your log management system maybe let me ask it like that okay firewall logs those are good ones anything else system logs event logs anybody else authentication logs failures okay there's a lot of things that you can send to a log management server why why would you do that central repository there's another word starts with the v

that i'm looking for here everybody's like going what visibility right the visibility of those logs now if they sit there on a system so if you've got this beautiful active directory system across the entire organization this is a beautiful thing and then nobody ever looks at the logs because they're just stored on the server and nobody really gets on there to take a look at them how good is your active directory implementation when it comes to security and authentication and things like that right okay so visibility having a central log repository and the the ability to see those map those out uh is incredibly important and it's a fundamental okay so vulnerability scanning tools how many of you guys do

vulnerability scans against your network we should probably see a lot of hands at this point which is good because a couple of years ago you probably would have seen no hands because everyone's like what is that vulnerability scanning tools okay there's a number of them out there you can pay for really great ones you can open source some really good ones as well and being able to identify and manage the vulnerabilities on your network is a key fundamental tool okay firewalling and filtering systems okay pretty straightforward i'm not going to get into that if you have pr if you need information about firewalling is that me buzzing if you need information about firewalling uh you can

come up later and we'll do a remedial remedial class fault management processes okay or fault management systems uh what's a fault management system first and foremost up down right a little red light green light kinds of things whether something's working or not okay a fault management system we mostly tie that into operations and seeing whether a system is working and running but why is it an important security tool the buzz is deafening you find out your log management systems down there you go okay but no the the fault management system is there so that hey it's an anomaly what why did such a such system go offline why is the database down right now could it be that be through

the web server somebody did some sql injection that tried to dump the entire database 300 times just to see if they could right how many of you guys would have seen or if you're watching your fault management system and you see your database server go offline how many of you guys immediately jump to okay who tried to dump the database through the web server how many guys would jump to that conclusion those of you that raise your hands during paranoid should be raising your hands right okay because it's a paranoia sort of thing but a fault management system helps you see those types of things and then policies and procedures you know boring stuff okay

so let's talk about a couple of tools in a very non-vendor-specific sort of way for the most part there's a lot of different tools out there you guys are welcome to take a picture of this slide these are some of the ones that you should probably be incorporating into your networks as part of just basic fundamentals included in here are things like the ability to pull netflow which i highlighted up in the upper left hand corner netflow is an incredible source of information we use that all of the time okay netflow is the ability for you to pull packet header data and store it for long-term use and analytics on your network how many of you are not

familiar with netflow okay i'll i'll throw out a little teaser at the 801 labs hackerspace we teach netflow classes about once every two months or so if you want to come out and find out the cool parts and what's involved in netflow come out and see us out there at the hackerspace there's some really cool things about it but what would what would it be like if you had a log of every single packet that came in and out of your network and the ability to run different analytics on those logs you could start seeing patterns fairly quickly like hey how many times a day do i get port scanned how many times did this guy try and

brute force into my bastion ssh host that gets into the back end of our network how many times did somebody try and knock on the ports for our databases etc etc those types of things you find in netflow and there's a ton of other tools on there okay i'll mention just a few as we go through um snmp walk the ability to pull snmp data and and do analytics on that incredibly cool splunk i said vendor non-specific but there's a couple of them on here splunk great log management system hella expensive but great log management system nagios is a great fault management system when your database goes down and you want to be paranoid like me and say

hey who tried to dump it from the web server nagios is a great tool to find out whether your database is up or down a number of other tools in there jeremy did a great job just a few minutes ago talking a little bit about wireshark and packet capturing those things are on there nessus is also highlighted again a little bit more vendor specific but it's open source-ish how many guys have nessus okay very cool tool if you're not using that and don't scan your networks on a regular basis um you're doing it wrong um plain and simple um firewalls it's probably the biggest on the screen highlighted i wanted to just kind of mention a couple of things

uh because this is the remedial part of security fundamentals a firewall having one in place does not end your responsibility for security okay there are so many people out there especially in smaller organizations and such that say hey we've got a firewall we're good um firewalls are just the beginning that just offers you the opportunity and the ability to then start doing things within your network and containing stuff so having a firewall is good um but the rest of it once you have a firewall and a couple of these other things in place this is what uh hopefully that's animate it is animated that's cool so this is what your network may look like see

this is the a slide from the um from the movie up and you see the little grandpa dude standing on the edge looking over the edge this is symbolic i'm expect i'm about to explain the symbology here symbol whatever but you're looking off this huge precipice you've got a couple of tools in place but look at all the stuff that keeps coming in and keeps trying to hit what what it is you're doing you want me to move around more i can i'm just okay so fundamental number two is having good effective security tools okay so that you have visibility into the things that you're protecting hopefully that's helpful let's talk about baselines and scope

so this one's a short section doesn't have any animated slides scope how many of you are responsible for security within your organization okay keep your hands up for just a second what does security mean okay is it just you're responsible for security or are you responsible for the security management firewalls is there something defined around it that's why there's quotes around this okay are you responsible for security or are you responsible for security okay which is it so think about it i don't need the the answer specifically from you um is what you're charged with protecting defined okay this is another security fundamental okay here's this cute slide i see people laughing i mean that's cool

what's she laughing about what's so funny define okay well good i'm glad you're laughing at the same yes but the thing is is so often um the trouble that we run into is that security is defined as security with quotes around it and that the responsibility or the person who has the responsibility for security is responsible for everything from soup to nuts let's just use one of those crazy terms okay the the you are here thing i don't know why i put that in there but let's talk let's talk a little bit more about about it being defined defining network security within your organization is a fundamental okay so you as the person in charge of

network security for your organization needs to have it defined generally that goes through a process of hey here is the scope of what i'm going to do i'm going to make sure that the firewall is in place and it's properly filtering the bad things out on the internet i'm going to make sure that antivirus is in place on the inside and so many other things right but it also has helpful to make sure that they understand that i am not the system administrator and responsible for applying patches to the systems i am not the person who is responsible for managing the programmers depart or the programming department over here to make sure that they do ins

they build secure code or maybe you are and that's your job but define it okay so it's not just security because what happens when it's just security somebody yell it out it's too much right there security is way too big these days to just define it with a couple of quotes anymore okay so the you are here thing uh is a little bit more precursor to baselines okay how many of you guys have done any one of the three of these things in the last year okay that's actually really good so a risk assessment okay having somebody come in and help you define what is the risk that you have within your organization what are what are the

things that you need to be protecting what are the problems that they see a vulnerability assessment hopefully to one degree or another you guys are doing most of this on your own vulnerability assessment is a self-assessment kind of thing having somebody come to it externally from time to time is a good idea and it's something that's necessary so that that you don't get stuck in the rut of hey it's that way because it needs to be kind of thing i know that as security geeks we always do it's like oh that's just bob's stuff and it's behind the firewall and i've locked it down as best as possible and we just kind of ignore it and we get into that

ignore it kind of mentality so having somebody come do this from an external perspective is important penetration testing how many guys have had that i mean i know we raised our hand for all three but how many have had a pen test in the last year that's actually really cool to see that there's that many a penetration test actually having either yourselves if you have the skill sets to do it or somebody else come in and actually beat up your network bloody your nose a little bit and try and find here's how we got into your network and and what we did to get there and you would be surprised how effective having this information from time to

time helps you it's a security fundamental you need to test yourselves okay it needs to be part of what you're doing and then as a as it applies to baselines you need to do all of this stuff to then find out where are we so that you can then make plans for where you're going okay which is the end of fundamental number three know where you are and where you're where you're going okay how bad is it and what are you protecting is really what we're trying to get out of this okay let's talk about methodologies uh for a minute um methodologies we'll call it a game plan okay comes in all shapes colors x's

and o's um things like that okay so here's a couple of the different methodologies um that we play around with in in my industry where we're at um the nist sp 800 series okay there's a whole series of things in there there's actually 171 different sub series or sub sections to that methodology which is a security methodology for how to implement all sorts of different things within your network how to implement a penetration testing regimen how to configure your firewall how to do hardening of your systems and services all sorts of things are are wrapped into that it's probably the premier network security methodology how many of you guys have heard of the nist sp 800 stuff

before okay so pretty fair amount that's great for the rest of you that haven't this this will require a little bit of research there's a lot there but it's another security fundamental you need to understand what it means to have a holistic security program okay what you're doing within your organization if you want nist sp 800 lite there's something called the sans 20 critical controls so it kind of narrows the 171 down to about 20 which includes most of the same things just a little bit less broad you might want to start there but having a game plan working through understanding what it is you need to be doing uh is important security control number one within the sans 20 is

understanding what it is that you have on your network and how to protect it right and then number control number two is understanding the software running on all of that cool hardware and how to protect it and it just goes on and on there's a lot of information in there the osstmm that's somewhere crazy acronym i can't remember off top of my head right now but it's the open source something testing methodology manual which is a penetration testing and and vulnerability assessment methodology how's it going dimitri okay so fundamental number four is having a plan and making it work for you so a security methodology is required how many of you guys have a security

strategic plan within your organization okay to one degree or another the rest of you might want to start reviewing some of these and build a plan around it making sure that you're doing that okay so a couple of the basics since we've covered all the hard stuff and we're almost done by the way you're going to get out early because i'm going to go enjoy my anniversary with my wife the rest of the day today the basics this is all the crap you have to know okay first of all you need to be able to know how to jump rope okay this is mandatory it's a security fundamental okay as soon as you've seen that enough we'll

move on to the next slide it was just one of those done little animation things okay you need to be able to do most of these things okay as a as a security geek and there's a whole lot more to this but if you are not strong in a couple of these areas uh you need to become strong in these areas in today's day and age with the malware the way that it is you need to understand how to reverse engineer malware how many of you guys have that skill okay there's probably a couple of you okay how many of you guys would love to learn that okay awesome we'll probably teach some of that at saint con this year but one of

the other things is that again a little plug for the 801 labs hacker space they teach reverse engineering classes on a weekly basis over there if you want to come down there and learn about reverse engineering malware they teach that okay port scanning how many guys know how to do that hopefully most of the hands go up okay decoding ip traffic how many of you guys could take a packet capture and completely understand what's going on okay a few of you a couple of hands out here like this great okay having those types of skill sets is important because you've got to be able to understand when when when an incident happens you've got to be able to make the

determination did they get something did they not get something because in today's day and age again we're getting compromised all of the time through one means or another having the ability to actually decode that traffic and understand it is important how about systems administration how many of you guys have to be good system admins to be a good security guy hopefully all you're going to raise your hands because of course you have to understanding how system administration works is important uh because you're going to be the person to to recommend how to patch when to patch what big patch came out just the other day most of the utah saint folks should know because we made a big deal out of it

openssl okay there's a couple of high priority patches in openssl that if you're not patching for you're vulnerable remember heartbleed this doesn't quite raise to the scale of heartbleed but it's pretty close and such but system administration the reason why i bring up the heart the the openssl patches is those are patches that should have been installed already on your systems how many of you guys have patched for those already okay there's like a couple people okay why not or what why have we not patched for those yet i'm not gonna make you answer the question uh but having that system's administration understanding knowing when it's safe to upgrade and patch when it's not how the

databases are going to be impacted those are things that you need to know so that you can be effective on how you're administer at administering security database structure and syntax how many guys could just go to town inside of a mysql database or a postgres database and just navigate yourselves around command line mode okay a couple of hands went up there's a couple strong kung fu people in here right but understanding that structure why is it important crickets so when somebody's doing sql injection on your web server you can determine hey what is it that they're doing then you could probably do it yourself because you know all the commands in order to grab that information right okay

a couple of last items here a programming language or a scripting language i can't beat on this one enough um being an effective security person and it's a fundamental but being an effective security person requires that you be able to script or program if you're not good at scripting and programming this is one of the things that you should work on almost first more than anything else because without this your ability to analyze data fix things in a hurry write a script to process a specific type of information to get an understanding of what's going on in one scenario or another can't happen and it's so it is it's one of the most important things we do i we're

constantly writing scripts at uen we're constantly writing programs to analyze data or to beat up against some system to determine whether it's vulnerable or not or to brute force and and things like that if you use this this all of the scripts and tools that are out there to the script kiddie world those are good but you can't customize those very easily without understanding your programming language so so learn one one of those okay and then lastly uh it for this section is a way to learn more as things change so how many of you are subscribed to some sort of information push either mailing lists or or whatever that you're learning about the latest trends

tactics and information about what's going on out there okay hopefully most of you are if they're if you're not there's a lot of really good ones out there i'll plug the utah saint organization we don't send out a ton of information but we do send out some some good information from time to time about different threats and issues that are happening out there but that's another fundamental you need to learn a way to find new information and and integrate it into what you're doing okay so fundamental number five is learn the basics and practice them okay so um constant learning is required it's one of the fundamentals as well and so we'll put it all together for you

just a little bit it's a beautiful concept this is an analog here of putting all of our security things together making them all work just wait for it this is this is so satisfying here right

so when it's all said and done it's just going to loop now i think or no i actually didn't have it loop but when it's all said and done this is how security is going to be you're going to continue to deal with it because somebody in the organization messed up you're going to continue to deal with it because you forgot to put that configuration in the way that you're supposed to and i'll tell you there's not a lot of times within the security realm that there's a lot of satisfaction and just running out of the office going yahoo okay and if you're in that career or if you're in this career for that you're in

the wrong career but every once in a while it does happen i mean we had a really recent experience uh where there was a compromise on one of the machines within the state that we were involved with i won't give you a lot of details about it but there is a lot of yahoo when you crack open some issue that has perplexed so many other people and then you finally just you make that one little i don't know jason's shaking his head he knows what i'm talking about but you make that one little leap and then you figure out this really cool piece of malware that i've got a copy of if anybody would like now

and and that it helps you distribute all kinds of cool stuff via a web uh a web vulnerability uh one that we haven't even seen before very cool stuff it's all deep encoded stuff so when the the text is coming across and being put into your browser it's not plain text it's all encoded and then your your browser decodes it really cool stuff if anybody wants a copy i'll send it out that that i can send out but there's not a lot of satisfaction until you have a lot of these fundamentals and skills in place and then you do cool things like that but to wrap it all up you need to have good paranoid

security-minded people you need to be a paranoid person so that when you see faults on your network and such as the the case that i made earlier that you automatically jump to the paranoia conclusion the database server's down oh crap why is the database server down is it because bob took it down for maintenance or is it because somebody dumped the tables a hundred times and it just crashed it or whatever okay but having good paranoid security people not just yourself but with the systems administrators that you're working with the dbas you're working with and any and other people any and all of the other people that work with information technology within the organizations you

work for need to be good security-minded people how do we get that i should have put that as a slide in here as well i won't ask the question more than just to say you need to teach these people what it means to have a security minded outlook on what they're doing the system administrators are not going to just magically decide hey you know what i'm going to always use a hardening guide when i install this new server i'm not going to leave all the bios ports open even though that's not much of an issue these days with the latest version of windows but i'm not going to leave telnet or ssh open up to the world those kinds of

things okay tools you need good tools that manage to help you manage the threats that you're seeing and the tools if you want to just put a little equal equal sign in there tools equals visibility you need to be able to see what's going on and if you don't have the good tools to do that you're going to be failing okay a baseline to work from and a scope to be effective in having a baseline and understanding where you're at and having a plan to move forward is important but also having a scope so that you can actually be effective is key as well because if your scope is this you're never you're going to be a mile

wide and less than an inch deep if your scope is pretty refined you're going to be very effective at what you're doing so make sure that the scope is defined and that if somebody thinks it's this and that's your boss help them understand that you know what i can do really well right here and these other things either we need more dudes for or dudettes sorry i didn't mean to be sexist about it we need more people to do these things or some of these things aren't going to be as effective okay um let's see skills to help you do a better job that's probably one of the most important security fundamentals make sure that you're doing it that you have

the skills in order to do a good job and that ladies and gentlemen is my presentation except for you get to see a really cool white slide so thanks

and if you have any questions most of you know where to find me and such so