Improper input validation in driver adgnetworkwfpdrv.sys in Adguard For Windows x86 up to version 7.11 allows attacker to gain local privileges escalation.

CVE-2022-45770: Versions history | AdGuard

Incorrect access control in Aternity agent in Riverbed Aternity before 12.1.4.27 allows for local privilege escalation. There is an insufficiently protected handle to the A180AG.exe SYSTEM process with PROCESS_ALL_ACCESS rights.

Aternity is software developed by Riverbed used to monitor the performance of applications and devices from the end user perspective. Software such as Aternity is a prime target for vulnerability research. “Monitoring” software typically installs hooks and performs process injection to track analytics. Doing so safely is not a trivial task; there may be implementation details an attacker may take advantage of. Additionally, there is incentive to install performance monitors on as many endpoints as possible for best breadth of coverage.

**Vulnerability Overview**

Vulnerable versions of the Aternity agent expose a handle to the agent process (running as SYSTEM) in processes with low and medium integrity levels.

Some low and medium integrity processes on this endpoint were observed to leak a handle the _A180AG.exe_ process with PROCESS\_ALL\_ACCESS rights assigned to the object. An attacker may subsequently duplicate the leaked handle and perform a local privilege escalation (LPE).

**Responsible Disclosure**

**Affected Versions: < 12.1.4.27**

The vulnerability was reported to Riverbed and a patch has been issued.

Release Notes

**References / Further Reading :**

*   https://aptw.tf/2022/02/10/leaked-handle-hunting.html
*   https://twitter.com/last0x00
*   https://twitter.com/APTortellini
*   https://dronesec.pw/blog/2019/08/22/exploiting-leaked-process-and-thread-handles/
*   https://twitter.com/dronesec
*   https://scorpiosoftware.net/2021/01/10/parent-process-vs-creator-process/
*   https://github.com/bananabr/Givemeahand

**Proof-of-Concept:**

Available on GitHub.

CVE-2022-43997: CVE-2022-43997 - Local Privilege Escalation in Aternity Agent - Winternl

An issue was discovered in Rehau devices that use a pCOWeb card BIOS v6.27, BOOT v5.00, web version v2.2, allows attackers to gain full unauthenticated access to the configuration and service interface.

**About Carel pCOWeb**

_The_ **_pCOWeb card_** _is used to interface the pCO Sistema to networks that use the HVAC protocols based on the Ethernet physical standard, such as BACnet IP, Modbus TCP/IP and SNMP._

_The card also features an integrated Web-Server, which both contains the HTML pages relating to the specific application and allows a browser to be used for remote system management._

_The embedded LINUX operating system allows applications (plug-ins) to be added, developed directly by users to meet their own requirements._

**Unauthenticated access to Rehau pCOWeb web interface**

Rehau devices that use pCOWeb service are accessible on various ports, but most common configurations were using 8080, 80, 443, 7777, 9002 and 10000. By typing in a web browser the **_http://<target ip>:<port>/http/_** you will we redirected to the

**_http://<target ip>:<port>/http/default.html_**

and receive full unauthenticated access to the configuration and service interface.

**Directory listing and source code disclosure**

By crawling the pCOWeb web interface other sensitive directories like **scripts and admin** can be accessed:

And the files inside the script directory are disclosing the source code like in the example below:

**Attack surface**

Using Shodan a number of 31 vulnerable devices were discovered, most of them in Hungary and Romania.

**Remedy and risk mitigation**

Since in the **_BIOS v6.27 / BOOT v5.00 / Web version v2.2_** of the web interface there was no way to enable user authentication, the only recommendations are to deny any access to the pCOWeb service ports from WAN (if port-forwarding is enabled to allow remote configuration, then is a good idea to disable port-forwarding to the pCOWeb devices).

CVE-2020-18329: Insecure permissions in REHAU Group Unlimited Polymer Solutions implementation of Carel pCOWeb configuration tool exposes heating and temperature control systems to remote attackers.

A buffer overflow in the ReadyBootDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

**About Lenovo**

*   Our Company
*   News
*   Investor Relations
*   Sustainability
*   Product Compliance
*   Product Security
*   Lenovo Open Source
*   Legal Information
*   Jobs at Lenovo

**Shop**

*   Laptops & Ultrabooks
*   Tablets
*   Desktops & All-in-Ones
*   Workstations
*   Accessories & Software
*   Servers
*   Storage
*   Networking
*   Laptop Deals
*   Outlet

**Support**

*   Drivers & Software
*   How To's
*   Warranty Lookup
*   Parts Lookup
*   Contact Us
*   Repair Status Check
*   Imaging & Security Resources

**Resources**

*   Where to Buy
*   Shopping Help
*   Sales Order Status
*   Product Specifications (PSREF)
*   Forums
*   Registration
*   Product Accessibility
*   Environmental Information
*   Gaming Community
*   LenovoEDU Community
*   LenovoPRO Community

© Lenovo.  
| | | |

CVE-2022-1890: Lenovo Notebook BIOS Vulnerabilities - Lenovo Support US

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated malicious user may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

**Vaikutus**

High

**Tiedot**

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-34405

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated attacker may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

  
7.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

**Proprietary Code CVEs**

**Description**

**CVSS Base Score**

**CVSS Vector String**

CVE-2022-34405

An improper access control vulnerability was identified in the Realtek audio driver. A local authenticated attacker may potentially exploit this vulnerability by waiting for an administrator to launch the application and attach to the process to elevate privileges on the system.

  
7.3

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Dell Technologies recommends all customers update at the earliest opportunity.

Go to the Drivers & Downloads site for updates on the applicable products. To learn more, see Dell KB article 124211: Dell BIOS Updates, and download the update for your Dell computer.

Customers may use one of the Dell notification solutions to be notified on download driver, BIOS, and firmware updates automatically once available.

Dell Technologies suosittelee, että kaikki asiakkaat ottavat huomioon sekä CVSS-peruspistemäärän että kaikki asiaankuuluvat väliaikaiset ja ympäristöön liittyvät pisteet, jotka voivat vaikuttaa tietyn tietoturvahaavoittuvuuden mahdolliseen vakavuuteen.

**Tuotteet, joihin asia vaikuttaa ja tilanteen korjaaminen**

**Product**

**Module**

**Update Version**

**Release Date**

Alienware m15 Ryzen Edition R5

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Alienware m15 R6

Realtek High Definition Audio Driver

6.0.9400.1

10-20-2022

Dell G5 5090

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Dell G5 5000

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Alienware Area 51m R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Dell G7 7500

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Dell G7 7700

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Alienware x15 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9388.1  
1.37.275.0

09-12-2022

Alienware x17 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9388.1  
1.37.275.0

09-12-2022

Alienware m15 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Alienware m17 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Dell Gaming G3 3590

Realtek High Definition Audio Driver

6.0.9254.1

10-25-2022

Dell G3 3500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Dell G5 5500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Alienware Area 51m R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware Aurora R8

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Dell G15 5515

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Dell G15 5510

Realtek High Definition Audio Driver

6.0.9400.1

10-27-2022

Dell G15 5511

Realtek High Definition Audio Driver

6.0.9400.1

10-26-2022

Alienware Aurora R10

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware Aurora R9

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Alienware Aurora R11

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware Aurora R12

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware m15 R3

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m15 R4

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R3

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R4

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Dell G5 5590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7790

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Alienware Aurora R13

Realtek High Definition Audio Driver

6.0.9388.1

10-12-2022

Alienware m15 R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

**Product**

**Module**

**Update Version**

**Release Date**

Alienware m15 Ryzen Edition R5

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Alienware m15 R6

Realtek High Definition Audio Driver

6.0.9400.1

10-20-2022

Dell G5 5090

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Dell G5 5000

Realtek High Definition Audio Driver

6.0.9394.1

10-13-2022

Alienware Area 51m R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Dell G7 7500

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Dell G7 7700

Realtek High Definition Audio Driver

6.0.9407.1

10-18-2022

Alienware x15 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9388.1  
1.37.275.0

09-12-2022

Alienware x17 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9388.1  
1.37.275.0

09-12-2022

Alienware m15 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Alienware m17 R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Dell Gaming G3 3590

Realtek High Definition Audio Driver

6.0.9254.1

10-25-2022

Dell G3 3500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Dell G5 5500

Realtek High Definition Audio Driver

6.0.9422.1

10-31-2022

Alienware Area 51m R1

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware Aurora R8

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Dell G15 5515

Realtek High Definition Audio Driver

6.0.9433.1

12-13-2022

Dell G15 5510

Realtek High Definition Audio Driver

6.0.9400.1

10-27-2022

Dell G15 5511

Realtek High Definition Audio Driver

6.0.9400.1

10-26-2022

Alienware Aurora R10

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware Aurora R9

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-13-2022

Alienware Aurora R11

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware Aurora R12

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-12-2022

Alienware m15 R3

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m15 R4

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R3

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R4

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Dell G5 5590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7590

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Dell G7 7790

Realtek High Definition Audio Driver

6.0.9394.1

10-11-2022

Alienware Aurora R13

Realtek High Definition Audio Driver

6.0.9388.1

10-12-2022

Alienware m15 R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

Alienware m17 R2

Realtek High Definition Audio Driver  
Realtek Audio Console Application

6.0.9394.1  
1.37.275.0

10-19-2022

**Kiitokset**

**CVE-2022-34405**: Dell Technologies would like to thank khangkito for reporting this issue. 

**Versiohistoria**

**Revision**

**Date**

**Description**

1.0

2022-12-16

Initial Release

**Asiaan liittyvät tiedot**

Dell Security Advisories and Notices  
Dell Vulnerability Response Policy  
CVSS Scoring Guide

Alienware Area-51m, Alienware Area-51m R2, Alienware Aurora R13, Alienware Aurora R8, Alienware Aurora R9, Alienware m15 R2, Alienware m15 R3, Alienware m15 R4, Alienware m15 Ryzen Edition R5, Alienware m15 R6, Alienware m17, Alienware m17 R2 , Alienware m17 R3, Alienware m17 R4, Alienware x15 R1, Alienware x17 R1, Alienware Area-51m, Dell G3 15 3500, Dell G3 15 3590, Dell G5 15 5500, Dell G15 5510, Dell G15 5511, Dell G15 5515 Ryzen Edition, Dell G5 15 5590, Dell G7 15 7500, Dell G7 15 7590, Dell G7 17 7700, Dell G7 17 7790, Dell G5 5000, Dell G5 5090, Product Security Information ...

19 jouluk. 2022

CVE-2022-34405: DSA-2022-316: Dell Client Security Update for a Realtek High Definition Audio Driver Vulnerability

An issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.

CVE-2022-38775: Security issues

Red Hat Security Advisory 2023-0274-01 - Angular JavaScript library packaged for setuptools / pip.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenStack Platform 17.0 (python-XStatic-Angular) security update  
Advisory ID:       RHSA-2023:0274-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:0274  
Issue date:        2023-01-25  
CVE Names:         CVE-2019-10768  
====================================================================  
1. Summary:

An update for python-XStatic-Angular is now available for Red Hat OpenStack  
Platform 17.0 (Wallaby).

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 17.0 - noarch

3. Description:

Angular JavaScript library packaged for setuptools (easy_install) / pip.

Security Fix(es):

* Prototype pollution in merge function could result in code injection  
(CVE-2019-10768)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1813309 - CVE-2019-10768 AngularJS: Prototype pollution in merge function could result in code injection

6. Package List:

Red Hat OpenStack Platform 17.0:

Source:  
python-XStatic-Angular-1.5.8.0-15.el9ost.src.rpm

noarch:  
XStatic-Angular-common-1.5.8.0-15.el9ost.noarch.rpm  
python3-XStatic-Angular-1.5.8.0-15.el9ost.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-10768  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY9FaJNzjgjWX9erEAQiO5g/+IxDa/ZzGCchT5ap2MfKHcNJT5nZxdalH  
1feTMbJygrySaxWbTvuFzvQSTSgnYKRahZs+jApJ5kCeCpv1L7Wq8hkaey/zO+ur  
LZhUzj86Tv2wvZMg0EBlCvBVbCGsTKrTa67yJ1a/bvvJIFqujv5K7fqD29xj4KW7  
twynUmYaIzB5F5z35baug2aSAXRl+WOBoegXn/r1GycB/e3q6/EDxrx4h3TMPfEC  
Ipa8kdhV2EwA/pdGxBurEb9TVHXBVtjyiCy2tPtJtZYwX/zlRDj7BR3wEYqQSpf+  
vXkIe2Z1Om5oJM3EZnF/tBtaOH0a0mSeJXIfklNGXzutyhAJI43GIeG85AThNz2O  
bIo9XI+ws0fLLGpnnug/cpOyxsS/H5YPjB5/KEvCDekCEZ58L/V/5WphgK/A7cyt  
THchgvJ+o37ARG3Yi2Nn0/AePxPvDLs/NWm7qAoQA/SgajaVhm7ogjaA2v+p4LaB  
5SuKnvG+B3lrmOHwu4io0neTccwxss6hAm0vLWvIjWsS2g6foviXTjq+h71vtnen  
pwACnQh91X899rL9nqpVjxImqG0tllFCuhDCdAL+mbb41QeYWVbRWHyH5Goke9W3  
8foDbRzIIHCQCcjWIOGY6A52L4dA+4Z8VoLIosKHj1OrFez2Zo3pq4Apf9i2lJkU  
aLC02pHGTsM=+hEu  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-0274-01

Your smartphone or wearable could help you out in a truly dangerous situation. Here are some options to consider.

The Best Personal Safety Devices, Apps, and Alarms (2023)

Red Hat Security Advisory 2023-0432-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include an out of bounds read vulnerability.

Red Hat Security Advisory 2023-0432-01

If you or your company can't find good infosec candidates, consider changing up the qualifications to find more nontraditional talent.

Cyber and information security job openings seem to have one of the higher barriers to entry compared with other services-focused roles, and this gatekeeping can be largely blamed for the shortage of available talent in the field. For some reason, other positions are very open to nontraditional backgrounds and limited experience provided the candidate isn't a complete novice and can demonstrate interest in pursuing the field (think: customer service/support, bookkeepers, or IT help-desk roles).

In a world where talent is desperately needed, it is incumbent on hiring managers to rely less on keywords in a resume to prescreen candidates for most roles and instead consider the candidate's transferable skills.

Take the list of requirements and preferences below, which was derived from a recent posting for an entry-level security role. Here are some ways to reframe the skills and qualifications that are likely to give employers most, if not all, of what they're seeking. I've also included suggestions for adjacent skills that may satisfy what the job poster is looking for.

****Requirement: Thorough Understanding of Cybersecurity Principles, Concepts, and Best Practices****

Let's change this to, "Demonstrated understanding of at least one cybersecurity domain." Why? Anyone who has been in this field for any length of time knows you can dedicate your entire career to mastering the concepts, principles, and best practices of just one domain, let alone all of cybersecurity. Instead, highlight those areas most important for this role. If the person _needs_ to understand the basics of identity access and management and the rest is beneficial, state as much. This way, if the person is truly new to the field, they can study up on exactly what you need and highlight their willingness to learn during the interview.

****Requirement: Excellent Critical Thinking and Problem-Solving Skills and Ability to Work Under Pressure****

Leave as is, but carefully consider where the applicant may have acquired these skills. As hiring managers, we always want to hear examples of dealing with this pressure during an outage or other event. Be open to hearing from a parent who had to juggle two sick kids while their spouse was traveling, or the department manager who severely underestimated the demand for toilet paper in 2020. None of these stories involve incident response (at least as we define it), but all will provide examples of being put in a difficult situation, navigating their way through it, and what they learned from it that can be applied to your role.

****Requirement: 1-2 Years Professional Experience with Firewalls, VPN, SIEM, and/or IDS and Network Management/Monitoring Tools, Azure or AWS, and IAM****

Change this to, "Demonstrable experience with common security tools, such as firewalls, cloud providers, SIEM tools, IDS/IPS, or identity providers." This requirement is nearly impossible to meet for someone brand new to the field, but if it is a requirement for the role, consider those with amateur experience with the same tools. Perhaps they built a virtual lab at home with freeware to understand the concepts, took a course on Wireshark and tapped their home Internet, or configured Pi-Hole to better secure their home network. Perhaps they have a free Amazon Web Services account and configured RBAC with test accounts or stood up a virtual syslog server.

This is arguably the most difficult requirement for new entrants and even some experienced ones because we all use different tools, so look for someone who has used _any_ relevant tools and ask them how they learned about it, what they did with it, and what they learned from the experience. A natural curiosity shows a propensity to spend the time learning any tool your company has now or will acquire later.

****Requirement: Industry Certifications****

Leave as is but consider it optional and not required. This is perhaps the easiest to meet as CompTIA, ISC2, and others offer entry-level certifications, but consider the candidate may not have the means to pursue these certifications independently due to the cost, time, or other factors. One of the greatest benefits we can offer candidates is the opportunity to learn more, so don't let this be a disqualifier.

****Requirement: 2- or 4-Year Degree in Computer Science or Related Field****

Try using, "A college degree or recently completed training in relevant technologies and concepts." I concede this one proves a base level of knowledge in a topic, but it ignores several important factors. Many candidates may not have pursued college for one reason or another; it may have been unaffordable, or they tried and weren't successful, or like many of us perhaps they simply didn't know what they wanted to do after high school. Regardless, otherwise qualified candidates should not be rejected because of a lack of a degree if they can prove relevant training and skills. 

There are plenty of other degrees and backgrounds that lend themselves to what we do. A candidate who spent four years in the military has the mindset to understand an adversary and execute on a plan as it's been prescribed, both of which are incredibly helpful in incident response. A middle school teacher can demonstrate juggling multiple priorities while maintaining incredible documentation and providing updates to stakeholders (parents). It's also exactly what you need from an internal compliance team. Similar examples are all around but require us to be flexible when deciding what we really need from entry-level hires.

Tag

#ios