Here is what he wants from me:
- Create a Twitter account if you don’t already have one (you can use your real name or some fake name, I am fine with either), and find at least 5 security people to follow aside from those I already showed you (though you should follow them too). You can use Google to search for some of these people you choose to follow. You should pick people who seem to mostly tweet actual security stuff rather than other things. For each of these people, post a link to a tweet that is particularly interesting, and summarize it in about two sentences each, using ”Solution1A:”, ”Solution1B:” etc for each. Do not just cut and paste, and do not just take the first line or two of the main content of the tweet. Actually summarize it for yourself. For example:
Solution1A: Link: https://twitter.com/Th3G3nt3lman/status/1268832976919560193 Shows how ServiceNow (cloud-based company offering IT services management) exposed information it should not. In its Knowledge Management application, once an entry is created with endpoint of form KB00xxxx, they are publicly reachable and but should not be, leaking passwords, corporate domain tokens, and Personally Identifiable Information (PII) between employees.
remembering that ALL of the above line is a single line (no carriage returns except after the final word employees.. And please remember, ”summarize”. Do not just cut and paste. I’m not looking at you reading deeply every detail of a post, but you should get a feel for what is going on and be able to write a couple sentences on it. And don’t take tweets that don’t link to more important content. A quick tweet saying there was a recent attack on such-and-such company without great detail isn’t very useful. Find tweets that point to something of significance.
- Find at least five security blogs (again, you can use Google to find good ones) to follow, aside from those I have showed you already. For each, using ”Solution2A:”, ”Solution2B:” etc., find a post and summarize it much like you did in question 1.