Are you WARPReady?

Bruce Thomson has been presenting these WARPReady presentations over the last year or so to WARPs up and down the UK. Now ISfL are pleased to host this season which is open to all WARP members or colleagues of WARP members.

9th February 2021, 10am to 11:30am – No/Low-cost vulnerability scanning

This presentation is focused on setting up a Linux device and using Open Source (Free tools) to conduct local area network vulnerability scanning. It is also the gateway to an opt-in intro to Linux vWorkshop which follows the steps in the presentation, ideal for getting some Linux skills in a cybersecurity setting especially if embarking on the LGA funded CISSP or CISM training as well as being the precursor for the “recon & web”, Kali / WifI audit presentations/courses

What others say about this presentation:

“The presentation and workshops have been easy to follow and implement, and as such we have fixed a number of things on our network and on our web site, without having to wait for the annual pen tests. We are also now running various scans on a monthly basis to support CE.”


16th February 2021, 10am to 11am – MTA-STS: what you need to do after DMARC is done

This presentation gives an early “heads up” on MTA-STS, an evolving standard already in use by many major email systems including the NCSC. Bruce shares his ‘cookbook’ that covers how to set up this and is an early output from C-TAG for WARP members to use.

What others say about this presentation:

“Brilliant, clear guidance on how to adopt this measure along wide DMARC and other DNS update work, very timely and very well presented!”


23rd February 2021, 10am to 11:30am – zED: baselining your peers and suppliers email

zED, a point product/tool, directly addresses a question that came from the WARPs about how public sector organisations can assess the email hygiene of their peers and suppliers. zED checks TLS and DNS records to ascertain this in a weekly scan based upon the domains you ask it to scan and is complimentary to NCSC’s Mail Check tool. This presentation covers the background as well as the new 2021 features.

What others say about zED:

– “Just getting the information in this way saves so much time on gathering it and putting it in a spreadsheet, repeat.”

– “I saw the words risk baseline and I finally knew what the SIRO here had been trying to tell us about emails (in governance language) for the last few years 🙂 I told him about the zED service and his response was ‘Good idea’”


2nd March 2021, 10am to 12pm – IoT/LoRaWAN: What to do when that IoT job hits your desk

This presentation covers the technology the science as well as the security and governance around IoT and is based on the first-hand experience of piloting IoT, involvement with a major council IoT project, and much more. Ifs focus is to provide a handy touchpoint for cybersecurity and risk professionals in the broader public sector when they need to engage with IoT. It contains over twelve months of research on this topic.

What others say about this presentation:

To condense 12 months of effort into a 90 mins presentation didn’t do it justice, I could have listened for hours more!


All presentations will be made available (PDF Format) after the presentation or workshop, including links.