DFT

            ________     ___________   ___________
            \______ \    \_   _____/   \__    ___/
             |    |  \    |    __)       |    |
             |    |   \   |     \        |    |
            /_______  /   \___  /        |____|
                    \/        \/
 
Usage: dft [OPTION...] [SECTION...] [PAGE...] start
 
  --about
  --objective
  --approach
  --contact
 
Secured@DFT:~$
 

DFT - Start

Secured@DFT:~$ dft start
 
If you are looking for a Security Board Member or an eventual Incident Responder that is already familiar with your network, you just found both!
 
Secured@DFT:~$

DFT - Approach

Secured@DFT:~$ dft --approach
 
- Define the Perimeter:
  - Aligning business objectives with a technical North Star.
- Map the Terrain:
  - Visualizing data flows and infrastructure dependencies.
- Expose the Gaps:
  - Identifying where best practices meet real-world vulns.
- Architect the Shield:
  - Engineering a custom roadmap for network and host hardening.
- Orchestrate the Rollout:
  - A phased timeline for deployments with smooth transition.
- Engineer the Escape:
  - Designing a seamless rollback to zero-downtime recovery.
- Log the Evolution:
  - Comprehensive documentation for audit-ready compliance.
- Validate the Build:
  - Rigorous re-assessment to ensure every objective was met.
- Empower the Guard:
  - Training your team to maintain and defend the new standard.
- Simulate the Storm:
  - Stress-testing defenses against controlled, simulated chaos.
- Iterate the Future:
  - Continuous refinement to stay ahead of the next threat.
Secured@DFT:~$

DFT - About

Secured@DFT:~$ dft --about
 
My name is Davi, and I am a independent Cyber Security Researcher.
 
I am known for "being the master of my domain" (by my former CTO) and I am always on the run for "fixing the world again" (by my Director).
 
Working since 1999 on the defensive side but with the mindset of the offensive side, I accumulated valuable know-how in the cyber security field that are fundamental for the continuity of any small and medium-sized business.
 
Nobody has to know everything, but the correct information at the right time can make the difference for jumping multiple steps ahead of the threats.
 
   __.-,       ..-'.       .. .        .  .
  (_.--'      (_.-'       ( . '       ( . .       .   .
          _           .           .           
         (_`--,      (_`-.       ( .-.       ( . .
           '-'         '-'         ' '         '
 
Cybersecurity is a team sport and, with a solid network, we can accomplish anything.
 
Secured@DFT:~$

DFT - Objective

Secured@DFT:~$ dft --objective
 
Bring hands-on actions that will improve security, reliability, and performance.
 
Assess the infrastructure looking for:
 
  • Single point of failures and weaknesses,
  • Overengineering or unnecessary complexity that affects managing,
  • Common misconfiguration or non-best practices,
  • Fill the gap between production and documentation at all times!
 
What is NOT the objective:
 
  • Increase the workload and the backlog for the IT team,
  • Deliver a report full of known issues or not feasible tasks,
  • Manage users, change passwords, give awareness training, etc.
 
Note:
 
  There is no mystery or guessing, it's practical work!
 
Secured@DFT:~$