if ($testing_in_production == true) {
RTFM();
}
else {
$Move=fast;
$Break=Shit;
}

 

I’ve been spending a lot of time hopefully making something better for a customer. They recently had an au

ditor c

ome in and tell them they were doing the most basic layers of security (i.e. Antivirus) all wrong and it needed to be redone. And the organization was given a deadline about a month away for 40 PCs and a dozen servers.

This is not a significant issue except the 13-hour timezone difference makes anything that gets messed up a little more precarious to go fix. My first

real sysadmin job allowed me the luxury of driving across town if I broke something.

In all cases I’m lucky that I have experience deploying the tools in a much larger environment. That environment was also under pressure. They had just been pwn’d and didn’t really know it until I stumbled across that. Really didn’t know what I was dealing with… at that time in 2008 I really had no clue what real information security was about. I learned quickly.

What I have also learned through many years of work, is that if you’re going to have to test in production, I recommend that you take a deep breath, slow down, and read the manual first. Knowing what the heck you are doing is only the first step. You really have to know *why* you are doing a thing. There’s no shortage of opportunity to move fast and break stuff, but with each instance there’s also an opportunity for learning and growth.

With the amount of chaos in the world, inability for many OPSEC teams to focus on actually securing all the things, and the continual drive to still give customers what they want, there’s also no shortage of opportunities to learn-on-the-fly, be creative, and solve problems. Even in production.