2017 September 27
A discussion of the risks of being caught during the early phases of M&A investigations and research. What can happen and how to protect yourself.
2017 June 20
My latest Security Week article is on the importance of hunting for threats in the wilds beyond your perimeter, and the need for digital camouflage and body armor when doing so.
2017 May 11
Threat hunting has become a hot topic in information security. Sometimes threat hunting extends outside the perimeter and merges with threat intelligence. At that point it is important to put on some camouflage.
2017 April 11
It takes time to properly analyze a file to know if it is safe. Unfortunately the way we deploy many security systems means they need to make decisions in milliseconds, only knowing that a file was bad after the fact. We need to architect around this to give security the time it needs to do inspection right.
2017 March 13
2017 February 08
It seems like something from a bad martial arts movie but I actually learned an important lesson for cybersecurity from my kung fu instructor. After finishing this article I started to study renaissance rapier fencing. Avoiding the attack rather than blocking it was the first lesson they taught as well.
2017 January 26
Join me for what should be a fascinating and informative panel discussion on threat hunting. You can join live to participate in the Q&A or listen to the recording later.
2017 January 12
Careful Design of Network and System Security Architecture Can Substantially Enhance Security. Detection & Response are often positioned as competing with Isolation & Prevention. While these classes of security solutions often approach the problem in radically different ways, there can be synergies which allow them to significantly reinforce each other.
2016 December 20 1PM EST
SINET 16 Awards
2016 November 3
2016 October 14
The OODA loop is a well established concept often used in security which originated in the military. OODA stands for Observe, Orient, Decide, Act.
OODA is an iterative process because after each action you need to observe your results and any new opposing action. The idea is that if you can consistently get to the action faster than your opponent you can beat them. It is typically described using an airplane dogfight analogy – airplanes try to turn more quickly and sharply than their opponent in order to get off a shot. But, as you turn faster and faster the g-forces build and at this point the ever faster OODA loop is more like a centrifuge crushing us. We need to break out of the loop and find a new way to play the security game.
ASIS / ISC2 Conference
2016 September 12-15
2016 August 29,30
2016 February 28
I will be speaking at BSidesSF on Sunday at 5:00. The presentation is called "In the Crosshairs: The Trend towards Targeted attacks"