There are no absolutes, including the absence of absolutes. As such, any discussion of adversary sophistication is whimsical at best and likely reliant on chains of logic subject to breaking at their weakest link. If you can handle that then…
Category: Technology
The term “technology” does not follow the same linguistic pattern as “biology” and “geology” because its etymology is different. While “biology” and “geology” are derived from Greek roots, with “bio” meaning life and “geo” meaning Earth, “technology” has Latin roots.
“Technology” comes from the combination of two Greek words: “techne,” meaning skill or art, and “logia,” meaning study or science. So, the term “technology” literally means the study or science of skills or arts. It reflects a broader concept that goes beyond the study of a specific substance (like life or the Earth) to encompass a wide range of human-made tools, systems, and techniques.
In defense of not sharing: What is cyber TMI?
I’ve long been a proponent of sharing threat intelligence. The technical level of this sharing is usually at the indicator of compromise (IOC) level. There are several protocols that allow tools to share these IOCs rapidly. IOCs are gathered through…
Research Note: Investigating a breach
Many people are talking about the attribution of the Sony hack. Was it or was it not North Korea? I do not care. I thought I would talk about a couple of things in driving towards attribution and analysis of…
UCF: Digital forensics in the age of the Internet of things: Challenges and opportunities
Abstract: The term “Internet of things” has a different meaning to each of the constituent communities building services and devices. One community, though, is having to rapidly evolve, and that is the digital forensics and incident response community. Whether it is…
CERIAS discussion on CISSP and certification in INFOSEC
Here are the slides as promised. 2014 CERIAS CERT Discussion (CISSP) (pdf)
2014 Indianapolis Summit: Threat trends to the enterprise
Slides of my presentation today at the Indianapolis Summit. 2014 November Indianapolis Summit Threat Trends
Research note: Trans-convergence architecture
Apple CEO Tim Cook and previously Steve Jobs talk often about the idea of the iOS application eco-system. I think that is fundamentally flawed thinking. Thinking in terms of operating systems limits the level of innovation by constraining the product…
Lightweight portable threat intelligence for the enterprise
Does your enterprise threat intelligence feed get you down? Does the wide-ranging list of IPs, URLs, and other IOCs make you feel bloated? Do you have acronym fatigue? Then you should get lightweight portable threat intelligence for the enterprise. It…
Let’s #FixIt: Information security and the fud of the breach
If I told you tomorrow that a major corporation was going to be breached and a huge volume of credit cards or personally identifiable information was going to be released, you would not be surprised. “What is the big deal”,…
Strategic information security: Enterprise asset control and response
What do we mean when we say strategic? Usually the people talking about strategic effort are more interested in effects than in the actual activity of strategic decision making. Most assuredly, strategic leadership that is poor can have just as…
Strategic incident response to increase information security after breaches
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are…
SecureWorld 2014, Digital forensics and the Internet of things
Slides as promised. This is a redacted slide deck due to the sensitive nature of some of the data. The presentation is meant to be about 2 hours long, but was 45 minutes at SecureWorld in Indianapolis. If you want…
DerbyCon 2014, Higher Education Panel for Hackers
Video: Members of the panel are Bill Gardner @oncee, Ray Davidson @RayDavidson, Adrian Crenshaw @irongeek_adc, Me! @selil @DrWhomPhD Rob Jorgensen. The members of the panel were great and I felt honored to be included. After the video feel free to read…
CERIAS Seminar slides, West Lafayette Indiana
Slides as promised. This is an expanded slide deck of a previous presentation. Still got about two-dozen that haven’t made it out front yet 🙂 Threat Intelligence and Digital Forensics (pdf)
S4 IResponder Conference, San Francisco
Slides as promised. S4 IrespondCon Slides (PDF)