This gallery contains 1 photo →
City on the bay
Covered Bridge
Research note: Security testing through forensic resistance
Senate Intelligence Committee hearing on Russia election interference
Presentations, posts, categories
Presentations (PDF) Teaching Presentation Research Presentation Blog Posts Considerations of defense in depth Attribution of cyber adversaries Research Note: Defining attacker knowledge, skill, and ability Blog Categories Digital Forensics Incident Response Threat Intelligence Student Work
Today’s Attack IPs
For those that are interested. The following list of IP addresses were attempting to brute force log in against the Selil blog. If you own the addresses below. Before you contact me. Make sure your stuff is clean. Anybody out…
How I saved Christmas dinner when the oven broke
The holiday season begins with the preparations for Thanksgiving dinner and I typically begin cooking for Thanksgiving dinner the Monday prior. I love cooking. I love the science of cooking. I love the art of cooking. I love the traditions…
Government transition: Planning ahead for career risk
As a FED covered by the Hatch Act most onerous elements I have eschewed all political discourse and basically kept my mouth shut. That isn’t going to change now. I have no view public or private to share on the…
CISO metrics: Right sizing and right costing an information security program
In the continuing attempt to prove to the wider world I’m a desirable hire as a CISO for a fortune 100 company. I offer the following and hope even if you don’t hire me that you get something of use…
Motorcycling Commuting: Today the van suspension missile
Over the years I have had to go around, over, or through some interesting items as I get from point a to point b on my motorcycles. I’ve dealt with ladders, opossums, tires, hail, parts and complete carcasses of animals,…
CISO Hunting Tags: What threat hunting should mean to you
If you don’t have a successful information security program don’t waste your dollars or time on threat hunting until you can secure what you own first. There has been much ink spilled on threat hunting in the network. Even the…
New CISO? Get your first 90 days action items here
So you’re a new CISO and you just arrived at the organization. What should your personal interaction project plan look like? I tell CISO’s that they should plan on a few days to simply spin up their technology, get their…
You’re not in our industry WTF do you know about infosec?
This is more from my noisy search for my next windmill to tilt at in what will be the great success of helping an organization become more resilient, capable, and respected for the information security posture they exhibit. I like…
Attribution of cyber adversaries
Key Points: Attribution has three distinct layers; political, technical, and forensic with each having different confidence levels and analysis strategies Adversaries must interact with systems to exploit them and this creates evidence or anomalies that can be used for attribution…
Hiring military leaders off the street
Lots of snark talk from the military types out there. I understand it, but don’t have to agree with it. Over the weekend Military Times put out an article that above the fold states. Defense Secretary Ash Carter wants to…