Apple CEO Tim Cook and previously Steve Jobs talk often about the idea of the iOS application eco-system. I think that is fundamentally flawed thinking. Thinking in terms of operating systems limits the level of innovation by constraining the product…
Lightweight portable threat intelligence for the enterprise
Does your enterprise threat intelligence feed get you down? Does the wide-ranging list of IP’s, URLs, and other IOCs make you feel bloated? Do you have acronym fatigue? Then you should get lightweight portable threat intelligence for the enterprise. It…
Let’s #FixIt: Information security and the fud of the breach
If I told you tomorrow that a major corporation was going to be breached and a huge volume of credit cards or personal identifiable information was going to be released. You would not be surprised. “What is the big deal”,…
Strategic information security: Enterprise asset control and response
What do we mean when we say strategic?. Usually the people talking about strategic effort are more interested in effects than in the actual activity of strategic decision making. Most assuredly, strategic leadership that is poor can have just as…
Strategic incident response to increase information security after breaches
Another day, another breach, and more credit cards are on the open market. I’m not sure what the thieves are going to be doing with the credit cards at this point but let’s take a look at where we are…
Strategy is a thing, an activity, and a level
I have been teaching my twin sons about strategy. We’ve looked at various authors, talked about it extensively during dinner, and tried to apply several of the concepts to real world events. I guess they corrected their 9th grade English…
SecureWorld 2014, Digital forensics and the Internet of things
Slides as promised. This is a redacted slide deck due to the sensitive nature of some of the data. The presentation is meant to be about 2 hours long, but was 45 minutes at SecureWorld in Indianapolis. If you want…
DerbyCon 2014, Higher Education Panel for Hackers
Video: Members of the panel are Bill Gardner @oncee, Ray Davidson @RayDavidson, Adrian Crenshaw @irongeek_adc, Me! @selil @DrWhomPhD Rob Jorgensen. The members of the panel were great and I felt honored to be included. After the video feel free to read…
CERIAS Seminar slides, West Lafayette Indiana
Slides as promised This is an expanded slide deck of a previous presentation. Still got about two-dozen that haven’t made it out front yet 🙂 Threat Intelligence and Digital Forensics (pdf)
S4 IResponder Conference, San Francisco
Slides as promised. S4 IrespondCon Slides (PDF)
2005 Jeep TJ SE (SOLD)
This gallery contains 12 photos →
Motorcycle Monday
CERIAS : What is wrong with all of you? Reflections on nude pictures, victim shaming, and cyber security
I wrote a CERIAS blog post with Dr. Eugene Spafford on the issues surrounding the media and social implications of the exploitation and distribution of images from various celebrities. As an information security researcher I am completely blown away by…
[Honeypot Alert] Active Probes for WordPress revslider_show_image Plugin Local File Inclusion Flaw – SpiderLabs Anterior
[Honeypot Alert] Active Probes for WordPress revslider_show_image Plugin Local File Inclusion Flaw – SpiderLabs Anterior. Why there it is! Oh and go to the bottom for a real special logged event. [403 GET / HEAD Request: September 3, 2014 –…
Anecdote: Dress the part and credibility
Rather than can’t get no respect I want to talk credibility and the two-edged wicked problem of surface over substance. I am an old, fat, bald, white guy. I am not as old as some but older than most. I…