Wednesday, July 25, 2018

F5 2018 Application Protection Report

I spent over a year researching, gathering data, discussing, analyzing, designing, and writing this report. It's a complete picture of web application security globally, full of data and details. Please read and share:

2018 Application Protection Report

https://www.f5.com/labs/articles/threat-intelligence/2018-Application-Protection-Report

 

Wednesday, June 13, 2018

Some quick book reviews


Some of the things I've read over the past 6 months or so...

Terms and Conditions
A graphic novel based on the iTunes terms and conditions.  Brilliant and informative.


Baggywrinkles: A Lubber's Guide to Life at Sea 
A graphic novel about what it's like to work on a tall sailing ship in the modern era. I've got a nephew who did this with the author, so it was a chance to learn what he was doing and get his younger cousins interested.



The Writer's Portable Mentor
Because I always am trying to improve my craft.  I don't have a Hugo House where I live now, so this is standing in.


The President's Book of Secrets: The Untold Story of Intelligence Briefings to America's Presidents
A fascinating historical review of the president's daily briefing from the CIA, written by someone who did it. Follows the process from inception all the way up to near today. Was worth it just for the inside peek into the presidents and their learning styles.


Timber Curtain
A set of poems about the demolition of the Hugo House and its parallels to the changes in Seattle as a city.


The Monk of Mokha
Since I love coffee and history, how could I not? It details one man's journey into coffee perfection back in Yemen. A very American story of entrepreneurship, hardship and gumption.


Spook Street
I love British spy fiction and the Slow Horses books are a fave. Thrilling, funny, and sardonic take on MI5.


American Kingpin: The Epic Hunt for the Criminal Mastermind Behind the Silk Road
This was a gift from some friends and it took me a while to get to it, but boy was it worth it. Not only did I learn a few things about my profession but the writing and research is top notch.


The Black Box Society: The Secret Algorithms That Control Money and Information
Wasn't as enlightening as I had hoped it would be, but I did learn a thing or two.


The War Nerd Iliad
I love the war nerd and history. A very readable and understandable version of this epic classic poem. I found it very brutal and gory... then I checked back to the original translations and yep, that's the way the original was.


Pie & Whiskey: Writers under the Influence of Butter & Booze
Great collection of writing from Kate Lebo's "Pie and Whiskey" readings. Really blew me away and made me hungry at the same time.


The Invincible
I love love love Stanislaw Lem and this was a re-read for me.  Well, a new translation of something I'd read previously.  It's scifi but anyone involved in modern warfare or cyberwarfare will learn a lot from the big message about what can make an enemy "invincible".


Next in my read pile -
The Good Mothers: The Story of the Three Women Who Took on the World's Most Powerful Mafia

Monday, May 28, 2018

Helpnet Security: The ethical and legal dilemmas of threat researchers

Helpnet Security: The ethical and legal dilemmas of threat researchers

Threat intelligence is mainstreaming into a de-facto everyday tool of cyber-defense. But all that intelligence must be collected, analyzed, and prepared by someone. Enter threat researchers, the advanced scouts of cybersecurity. They are becoming more numerous and conspicuous as more intelligence on illicit hacker activity is demanded. Threat researchers trawl through the dark web, pick apart malware, reverse engineer exploits, track outbreaks across the Internet, and set up honeypots to surveil attacker activity.

Read the rest at Helpnet Security
 

Thursday, May 10, 2018

F5 Labs - Extend Your Security Program’s Influence with Adjuvants


This article looks at how you can leverage the non-security members of your organization to increase Security’s reach and impact.

Extend Your Security Program’s Influence with Adjuvants


F5 Labs - How Secure Are Your Third-Party Web Apps?



Essential apps are holding essential data, and they’re out of direct oversight. Obviously, it’s not enough to just trust that things are going to be fine...

How Secure Are Your Third-Party Web Apps?

F5 Labs - Breach Costs Are Rising with the Prevalence of Lawsuits


We believe organizations are drastically underestimating their true breach costs...
 
F5 Labs - Breach Costs Are Rising with the Prevalence of Lawsuits

Monday, April 9, 2018

Helpnet Security: The eternal struggle: Security versus users


There’s an old joke that a job in security is a safe place to be grumpy. From what I’ve seen over my career, that is often true. Security people seem to cherish their reputation for being pessimistic and untrusting.

Read the rest at Helpnet Security: The eternal struggle: Security versus users



Sunday, February 25, 2018

Helpnet Security Blog - Discover hidden cybersecurity talent to solve your hiring crisis

Discover hidden cybersecurity talent to solve your hiring crisis

Not having access to technical talent is a common complaint in the cybersecurity world. Folks with security experience on their resumes are in such high demand, CISOs need to hunt beyond the fields we know. To borrow a phrase from the ever-logical Mr. Spock, CISOs need to embrace Infinite Diversity in Infinite Combinations. By this I mean embracing diversity not only of bodies but of talents and experiences.

Read the rest at Helpnet Security

Forthcoming talk - Delaware InfraGard - IoT Botnets

DELAWARE INFRAGARD CHAPTER - March 2018 - Conquering the New Threats

The Hunt for IoT That Threatens Our Modern Way of Life – Ray Pompon

Fri, March 16, 2018
8:00 AM – 12:00 PM ED

Delmarva Conference Center,
4100 South Wakefield Drive
Newark, DE 19702

https://www.eventbrite.com/e/delaware-infragard-chapter-march-2018-conquering-the-new-threats-tickets-43305888077

Forthcoming RSA talk - Swimming in a Sea of Enemies—The Dilemmas of the Threat Researcher

Swimming in a Sea of Enemies—The Dilemmas of the Threat Researcher

April 18, 2018 | 3:00 pm - 3:45 pm

Threat researchers can find themselves in dicey situations they are unprepared for. This talk will discuss actual ethical and legal dilemmas of threat researchers including consorting with and deceiving criminals, groping thru stolen personal data, turning a blind eye to criminal activity, wandering into compromised systems, and the ultimate worst case: being corrupted and arrested by the FBI.


https://www.rsaconference.com/events/us18/agenda/sessions/9132-Swimming-in-a-Sea-of-Enemies%E2%80%94The-Dilemmas-of-the-Threat-Researcher

Sunday, January 14, 2018

Radio Interview: A Tale From the Early Days Of Busting Hackers

On NPR station KPLU KNKX -

A Tale From the Early Days Of Busting Hackers 

http://knkx.org/post/tale-early-days-busting-hackers

 

In the late 90s and early 2000s, a lot of people were still figuring out this whole internet business.
As is often the case, way out ahead of the learning curve were the cyber-criminals, and law enforcement had some catching up to do.
The FBI often relied on the knowledge of private security professionals. So in 2000, they contacted a Seattle expert named Ray Pompon, and recruited him to go undercover as part of a sting operation. Pompon shared his story with host Gabriel Spitzer.