DFT - Defense Frontier Taskforce

   ________          _____
   \______ \   _____/ ____\____   ____   ______ ____
    |    |  \_/ __ \   __\/ __ \ /    \ /  ___// __ \
    |    `   \  ___/|  | \  ___/|   |  \\___ \\  ___/
   /_______  /\___/ |__|  \___/ |___|  //____/ \___/
           \/                        \/
   ___________                     __  .__
   \_   _____/______  ____   _____/  |_|__| ___________
    |    __) \_  __ \/  _ \ /    \   __\  |/ __ \_  __ \
    |     \   |  | \(  (_) )   |  \  | |  \  ___/|  | \/
    \___  /   |__|   \____/|___|  /__| |__|\___/ |__|
        \/                      \/
   ___________              __      _____
   \__    ___/____    _____|  | ___/ ____\___________   ____  ____
     |    |  \__  \  /  ___/  |/ /|   __\/  _ \_  __ \_/ ___\/ __ \
     |    |   / __ \_\___ \|    <  |  | (  (_) )  | \/\  \__\  ___/
     |____|  (____  /____  >__|_ \ |__|  \____/|__|    \___/ \___/
                  \/     \/     \/
 
Usage: dft [OPTION...] [SECTION...] [PAGE...] start
 
  --about
  --objective
  --basic-approach
  --steps
Secured@DFT:~$

DFT - About

Secured@DFT:~$ dft --about
 
My name is Davi, and I am a independent Cyber Security Researcher.
 
I am known for "being the master of my domain" (by my former CTO) and I am always on the run for "fixing the world again" (by my Director).
 
Working since 1999 on the defensive side but with the mindset of the offensive side, I accumulated valuable know-how in the cyber security field that are fundamental for the continuity of any small and medium-sized business.
 
Nobody has to know everything, but the correct information at the right time can make the difference for jumping multiple steps ahead of the threats.
 
   __.-,       __.-,      __.-,      __.-,      __.-,      __.-,     
  (_.--'      (_.--'     (_.--'     (_.--'     (_.--'     (_.--'     
        _         _         _            _          _           _    
       (_`--,    (_`--,    (_`--,       (_`--,     (_`--,      (_`--,
         '-'       '-'       '-'          '-'        '-'         '-' 
 
Cybersecurity is a team sport and, with a solid network, we can accomplish anything.
 
Secured@DFT:~$

DFT - Objective

Secured@DFT:~$ dft --objective
 
Bring hands-on actions that will improve security, reliability, and performance.
 
Assess the infrastructure looking for:
 
  • Single point of failures and weaknesses,
  • Overengineering or unnecessary complexity that affects managing,
  • Common misconfiguration or non-best practices,
  • Fill the gap between production and documentation at all times!
 
What is NOT the objective:
 
  • Increase the workload and the backlog for the IT team,
  • Deliver a report full of known issues or not feasible tasks,
  • Manage users, change passwords, give awareness training, etc.
 
Note:
 
  There is no mystery or guessing, it's practical work!
 
Secured@DFT:~$

DFT - Basic Approach

Secured@DFT:~$ dft --basic-approach
 
- Understand the needs and objectives to build a scope.
- Analyze the infrastructure, its services, and the data flow.
- Enumerate vulnerabilities, best practices, and opportunities.
- Build a plan for hardening the network and hosts in the scope.
- Create a timeline for actions, changes, and deployments.
- Document changes made for audit and management.
- Re-assess the environment for accomplishment.
 
Secured@DFT:~$
 

DFT - Start

Secured@DFT:~$ dft start
 
If you are looking for a Security Board Member or an eventual Incident Responder that is already familiar with your network, you just found both!
 
Secured@DFT:~$