There are just some resources that are invaluable to
Security IT Professionals no matter what area of IT you work in or what your position in the company is. SANS is one of those resources. They watch our back, block for us and give us new plays for our playbook. Not to mention that they coach and train us to make us better at what we do.
Today the ISC Diary has another good reminder and tip for us. One of our primary responsibilities is to secure our environment. We apply patches, double check our configurations, ensure least privilege, etc..... but are we often overlooking something? Do we spend so much of our energy on these things that we forget to make sure that we didn't leave something that doesn't need to be there? Do we fail to look beyond our standard procedures and checklists? How long has it been since they were updated?
Just as we need to ensure that we do the things that we need to do we also need to ensure that we don't do things that aren't needed. The key is knowing what these things are.