Attribution 8 Ball

My son is learning programming using the MIT App Inventor to build apps for Android devices. One of his first projects was to make a Magic 8 Ball.  Well, being in the Information Security industry I just couldn’t help myself. …..

Read More

Comprehensive Incident Management

This presentation will introduce a framework to build a comprehensive incident management program. The program is comprised of four foundational components; planning, preparing, practicing, and measuring. The framework has been designed to be compliant with multiple standards, which include PCI, …..

Read More

Biometrics and Implanted RFID Chips

Today Computerworld published an article about an office complex that is implanting RFID chips in employees’ hands to facilitate access.  While this was done on a voluntary basis, I find the idea troublesome on several levels.  The two biggest problems …..

Read More

Super timelines with Splunk

I have always been a great fan of Splunk  for analyzing log data when investigating incidents.  One of the downfalls is that while Splunk does a wonderful job searching logs, the timeline it creates is missing critical time information about …..

Read More

Thoughts on Penetration Testing

I’ve watched our industry slowly mature itself over the last fifteen years, and I am still somewhat bemused regarding penetration testing.  It seems like every standard now requires a penetration test to be done, why?  I struggle to see the …..

Read More

Catapulting Corpses

In warfare, as you modify your defenses, your enemy modifies their tactics. This same process of threat evolution is occurring at a rapid pace in the online world. Warfare is not a new endeavor and old tactics are reused in …..

Read More
1 2