I’ve long been a proponent of sharing threat intelligence. The technical level of this sharing is usually at the indicator of compromise (IOC) level. There are several protocols that allow tools to share these IOCs rapidly. IOCs are gathered through…
Author: Samuel Liles
Research Note: Investigating a breach
Many people are talking about the attribution of the Sony hack. Was it or was it not North Korea? I do not care. I thought I would talk about a couple of things in driving towards attribution and analysis of…
UCF: Digital forensics in the age of the Internet of things: Challenges and opportunities
Abstract: The term “Internet of things” has different meaning to each of the constituent communities building services and devices. One community though is having to rapidly evolve and that is the digital forensics and incident response community. Whether it is…
Hazel takes a selfie
This gallery contains 3 photos →
Speaking: I will be speaking at FedCyber 2014 November 5th
I will be on a panel at FedCyber 2014 November 5th at Tysons Corner in Virginia. I’m going to be on the panel “The Toaster Wars of 2025 – Addressing Embedded Device and Internet of Things Security Before it is…
CERIAS discussion on CISSP and certification in INFOSEC
Here are the slides as promised. 2014 CERIAS CERT Discussion (CISSP) (pdf)
The elevator pitch: Research by Sam
I research the threats and crimes against society where processing and communications artifacts are used to disintermediate the human experience. As such I look at computer network attack, computer network exploitation, computer network defense, and apply generalizable aspects of investigation…
The Social Media Plan: How Sam does it today
I am not rich or famous and most assuredly I am very average in intellect and capability. I have an on again and off again relationship with social media and networking. I am not what you would call a social…
Of ex’s and woes
In 1999 I was divorced. I had been separated on and off again about 7 of the 15 years I was married. The end of my marriage was filled some embarrassing events and some things I truly dreaded. A bankruptcy,…
2014 Indianapolis Summit: Threat trends to the enterprise
Slides of my presentation today at the Indianapolis Summit. 2014 November Indianapolis Summit Threat Trends
Research note: Trans-convergence architecture
Apple CEO Tim Cook and previously Steve Jobs talk often about the idea of the iOS application eco-system. I think that is fundamentally flawed thinking. Thinking in terms of operating systems limits the level of innovation by constraining the product…
Lightweight portable threat intelligence for the enterprise
Does your enterprise threat intelligence feed get you down? Does the wide-ranging list of IP’s, URLs, and other IOCs make you feel bloated? Do you have acronym fatigue? Then you should get lightweight portable threat intelligence for the enterprise. It…
Let’s #FixIt: Information security and the fud of the breach
If I told you tomorrow that a major corporation was going to be breached and a huge volume of credit cards or personal identifiable information was going to be released. You would not be surprised. “What is the big deal”,…
Strategic information security: Enterprise asset control and response
What do we mean when we say strategic?. Usually the people talking about strategic effort are more interested in effects than in the actual activity of strategic decision making. Most assuredly, strategic leadership that is poor can have just as…
Strategic incident response to increase information security after breaches
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are…