Our Blog

Check out our collection of how-to guides, resources, and experiences.

Featured Posts

Seeing Red: Reconnaissance

Reconnaissance: Know Your Target This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we got a brief overview of Kali Linux and some of its capabilities.  In this part, we'll start to use some of...

Seeing Red: Tools of the Trade

Seeing Red This is part of a series of posts that walk through an attack. In an ideal world, information security teams are comprised of both a dedicated Red Team (attackers or offensive side) and a Blue Team (incident responders or defensive side).  I've never been...

Learn Concepts Not Tools

Last week, I attended a week-long TippingPoint (a network-based intrusion prevention system) training class for work.  Nothing particularly exciting, just your typical security vendor training.  What I did find interesting was that the class was comprised of 75%...

Save the Yelps

I'm a big fan of Yelp and frequently use it to find great local restaurants.  I started using it about six years ago and quickly found the user-contributed reviews and tips to be invaluable.  It proved incredibly handy when I moved to DC and knew nothing about the...

Threat Intelligence: CIF

Introduction One of the many challenges in information security is collecting, managing, and applying threat intelligence.  Typically, threat intelligence comes from a variety of disparate sources, such as IDS rules (Sourcefire / Emerging Threats), server/application...

Nessus and Splunk

Introduction Inspired by my IP360 and Splunk integration project (here and here), I wanted to do the same for Tenable Nessus.  In a previous role I implemented Nessus + SecurityCenter and for the most part had a positive experience.  The interface was modern and I...

Foodie Photography

Not security related, but a couple months ago the Food Network Magazine asked if they could use one of my pictures they found on Yelp for their May 2014 issue.  I just got a digital copy of the magazine and had to share.  Check out the picture of the "Tilapia...

Python Scripts

I'm consistently impressed by Python and the power it gives anyone to automate a myriad of tasks.  I encourage all security professionals to learn Python as you have or will more than likely run into a problem that requires some kind of automation.  I got started by...

BSides Austin 2014

Last month, I attended my first BSides conference in Austin and was excited to see what it was all about.  I wanted to go to the inaugural BSides DC event last year but couldn't make it.  Having just moved to Austin (you know, like everyone else), I was excited to see...

IP360 and Splunk – Part 2

Introduction In Part 1, I discussed how I thought integrating Tripwire IP360 vulnerability data into Splunk would be a great way to both learn Splunk and create useful and interesting vulnerability reports.  I gave an overview of IP360's vulnerability scoring system...

IP360 and Splunk – Part 1

Introduction Over the last several months I've been working towards becoming a Splunk Certified Architect.  To prepare, I wanted additional hands-on practice and tried to think of ways I could apply all the techniques I had learned in my classes. I happened to have a...

Incident Response: Carbon Black

A few months ago I read about an emerging incident response technology called Carbon Black.  At its core, Carbon Black acts as a surveillance camera for a system.  It's a lightweight sensor that constantly collects process and network information.  More importantly,...

How To Pass SANS GIAC Certification Exams

As I mentioned in a previous post, I recently took SANS SEC 504 and have since been studying for the accompanying GIAC Certified Incident Handler (GCIH) certification.  I'm happy to say that over the weekend I passed (thank you, thank you) and wanted to share my...

How to Succeed in Information Security

As our world becomes increasingly connected and dependent on computing devices, information security has evolved from luxury to necessity.  With more and more computers connecting each day, the number of attacks and breaches has increased exponentially.  This in turn...

Security News

With new attacks and vulnerabilities emerging at increasingly alarming rates, it's critical for information security professionals to stay on top of the latest techniques and methodologies to defend our networks from malicious users (and more often than not, our own...
