HOME
SCRIPTS
PROJECTS
READING
CV
Please donate if you find the tools, scripts and info useful.
BTC: 1GwYToq2AuUWUfJJ7NeCpksfjMth7bw7TuLTC: LKh99yzPeXZ7jQgvGgRhkTGReN4TRK4C6p
| Title | Date Published | Description | D/L Count |
| Teaching New Dogs Old Tricks | February, 2018 | Enjoyed the opportunity to speak at ISSA-LA about one of my favorite topics (Network Segmentation and Interlocking Controls). | n/a |
| IANS: Securing your network with overlapping controls | March, 2017 | Marcus Ranum and I sat down to discuss how to greatly enhance network and system security using overlapping controls. | n/a |
| Difftree earned 5 stars | July, 2016 | Linux Pro Magazine reviewed Difftree(dt) v0.5.8 and gave it 5 stars with a nice quote "Difftree is convincing due to its speed, flexibility, and simple operation. Numerous examples on the project site and man page help out with the first steps". | n/a |
| Beyond Defense-In-Depth | June, 2016 | It is time to revisit the current meaning of defense-in-depth, reconsider its utility and practicality and move toward interlocking controls. | n/a |
| Selling Packet Vacuums Door-to-Door | December, 2014 | I was honored to be asked to deliver a keynote at IANS LA and opted to speak about my second most favorite incident response tool (Packet Vacuums). | |
| Detection Algorithms in Log Analysis | April, 2013 | The webcast can be found here. As the volume of log data generated in networks continues to grow, security practitioners have the challenge of detecting problems and anomalies quickly enough to take action and mitigate damage. To do this, they must constantly tune and refine detection algorithms. Tenable's Chief Security Officer, Marcus Ranum, and fellow security practitioner, Ron Dilley, have dedicated much of their careers to finding better ways to detect anomalies and threats within log data. As part of an ongoing Tenable webinar series on log analysis topics, the pair shared their insights and experiences. | |
| Security Data Aggregation: Modeling the Security 'Big Data' Challenge | February, 2013 | The webcast can be found here. IT security teams collect more data every year, from sources across the network, with the goal of obtaining better telemetry and visibility. This creates a 'big data' challenge when it comes to security - how do you collect, aggregate and work with that data in a way that helps you solve complex security problems? As part of a new webinar series on security topics, Geeking Out with Marcus Ranum, Tenable hosted a webcast with guest speaker, Ron Dilley, on the topic of Security Data Aggregation. The topics covered include what data to aggregate, how to aggregate it, and how to derive insights from the data. | |
| Someone To Watch Over Me | August, 2010 | Marcus Ranum and I wrote a paper on a log analysis tool we built call overwatch. It was accepted at SLAML '10 but Marcus and I were not able to attend so we pulled it to make room for another paper who's author(s) could. | |
| Making Sense of Logs (pdf) | August, 2010 | I wrote a piece for USENIX ;login describing my triles, tribulations, tools and discoveries relating to logs and log analysis. | |
| InfoSec Sumo Article | March, 2008 | I wrote a piece for Computer Weekly discussing my persepective on the current state of Information Security and how to construct a successful Information Security program. Over the course of my career, it has become clear to me that Japan's national sport offers a perfect analogy for the current state of information security. | n/a |
| Beyond Anti-Virus | September, 2007 | At this years Information Security Summit, I talked about how to get past the inadequacies of modern A/V solutions. | |
| Unconventional Malware Detection | October, 2006 | I had the opportunity in late 2006 to talk about one of my favorite topics at a company sponsored information security summit. | |
| Track 4 Practical | April, 2004 | Back when I thought that SANS certifications meant something more than a bullet on a resume I started down the path of getting certified. I went so far as to write my practical and right after I submitted it (and it was accepted), SANS decided to drop the practical as a requirement (for the last time). I was bitter and did not even bother to take the test. | |