TCM Security

We're pumped to announce our latest blue team course, Security Operations (SOC) 101! A lot of you have been asking for more blue team content, and we're excited to finally deliver. Big shoutout to Andrew Prince for making SOC 101 a reality. The future's looking bluer than ever— but in a good way! This course is packed with everything you need to crush it as a T1 or T2 SOC Analyst, from phishing analysis, digital forensics and incident response to threat detection, log analysis, SIEM management, and more. Will you be taking it? Let us know if you're in! 🔷 https://lnkd.in/gUHm4m7U

LIVE: Hacking with TryHackMe | Cybersecurity | Pentesting | AppSec| AMA Join Alex to learn more about web hacking. He takes audience questions on a number of security-related topics, does some live hacking, and shares a little bit about future plans here at TCM Security. We livestream at 12 PM ET every Wednesday, so please subscribe to see the next time we're live!

Want to stand out as a SOC analyst? In this clip, Andrew Prince—creator of our new SOC 101 course—shares key skills you need to succeed. At a high level, understanding how foundations like computers, operating systems, and networking, getting hands-on experience with TryHackMe and similar programs, and trying projects like spinning up a SIEM to give you some more true-to-life knowledge. https://lnkd.in/gUHm4m7U

Finish this week strong, fam - and carry that good energy into your weekend. <3

Burp Suite plug-ins can take your web app testing to the next level, and in today's video, Alex is sharing 3 of his current favorites. https://lnkd.in/gb96SeTv 👨💻nowafpls: This newer plug-in, not yet in the BApp Store, is a must-have according to Alex. Developed by Shubham Shah, it cleverly bypasses many web application firewalls by increasing the size of the requests, allowing them to go uninspected. 👀 👨💻JSON Web Tokens (JWTs): Basically, you can use this plug-in to quickly decode, manipulate, and attack JWTs. 👨💻Param Miner & JS Miner: Finally, this is great if you find yourself getting lazy when it comes to recon. Uncover endpoints faster - and get to the fun part of web app testing that much sooner! Have you tried any of these - or do you have other plug-ins that save you? Let us know in the comments!

August 22, 2024: Web Hacking: JWTs and Mass Assignment Join us for a live web hacking session that dives into hacking JSON Web Tokens and exploiting Mass Assignment vulnerabilities. The session includes introductions, setting up tools and live labs to be solved. About the Instructor Alex is a Web Application Security specialist with experience working across multiple sectors, from single-developer applications all the way up to enterprise web apps with tens of millions of users. He enjoys building applications almost as much as breaking them and has spent many years supporting the shift-left movement by teaching developers, infrastructure engineers, architects, and anyone who would listen about cybersecurity. Follow Alex on Social Media: https://lnkd.in/d-X6CmYq

When people think of a cybersecurity career, they often picture the adrenaline rush of red team operations—the l33t hacker. 👨💻 Thanks to the media, it’s easy to see why! But let’s not forget about the blue team—those behind-the-scenes heroes keeping organizations secure every day. 🦸♂️ SOC Analysts, in particular, play a crucial role. But what exactly does a SOC Analyst do? It’s more complex than you might think. Dive into this critical role that’s only growing in importance. Considering this as a career path? We’ve got you covered with our SOC 101 course: https://lnkd.in/gUHm4m7U

LIVE: DEFCON Diaries | Cybersecurity | Pentesting | Hacking | AMA Join Andrew, Tib3rius and Alex to ask anything you'd like about #DEFCON. We livestream at 12 PM ET every Wednesday, so please subscribe to see the next time we're live!

Meet Andrew Prince, the driving force behind TCM Security’s recently released SOC 101 course. (https://lnkd.in/gUHm4m7U)   With expertise in security operations, incident response, threat hunting, vulnerability management, and cloud infrastructure security, Andrew brings a well-rounded approach to cybersecurity. His background in development and system administration gives him unique insight into creating robust security strategies that work from both offensive and defensive angles. Beyond his professional achievements, Andrew is also passionate about the security community. He actively develops Capture the Flag challenges, builds security trainings, and shares his knowledge to help others. We’re thrilled to have Andrew on our team, helping to guide the next generation of security professionals! Have you started SOC 101? Let us know in the comments!

Alex Olsen shares a quick code you can use during your next internal pentest to get credentials. Watch and learn and catch Alex on livestream tomorrow!