There are no dumb questions

With the success of my BSides slides/talk, I have been really expanding my speaking engagements. Having worked in the information technology field now for over 16 yrs. specializing in information security that spans private/public sectors, technical and managerial, interfacing with all levels of end users from executives to interns. Throughout my career, I have fielded […]

BSides DE – DuckSauce v.02

Thanks to the BSides DE team and everyone who attended my talk on DuckSauce v.02. I am sure you weren't that interested in it when you saw the title but I know you enjoyed it (or hope you did). For everyone, I am releasing the code a day late – took way too long to […]

Big security on a shoe-string budget

I was at lunch today talking to Mark B. – a fellow TEHC member who is in the process of starting his own company – about how small companies can effectively build a security program even with a limited budget. The key to making this successful is first to have a thorough understanding of how […]

Mobile device forensics

Headed over to the Maritime Institute for a little mobile forensics training. Class just kicked off – seeing all the toys in the corner of the class, I think this will be a fun “hands-on” class. Granted, this is still an ISACA training event so I am not sure how technical it will get but […]

BSides Delaware

Interested in coming out to a free security conference fairly close to the Maryland area? Interested in hearing me speak? Want to get away from a day of work? If you answered yes to any of these questions, may I suggest you Google BSides Delaware. BSides offer a great learning opportunity and are free (registration […]

Privacy Please

Ever tried to regain some of your privacy and reclaim your online identity? The other day I was reading some tweets and came across this lovely link http://www.accountkiller.com/en/ . Granted, based on some of the comments I read, this site may need some updating, but being in the infosec field for a while I have never seen […]

BYOD – at your own risk

The “Rabbott” and I have been talking about the subject of BYOD so I thought I would share here. I am not sure why everyone is calling this a new problem – it has been around for years – even before mobile phones. How many of you are old enough to remember when floppies became “standard”? I am. […]

IE 0-Day

If you haven't heard it by now it must be because you are “offline” – all the news reporting on the newly discovered (or should I say publicly discovered) 0-day vulnerability affecting IE 6-9 (pretty much all of them). I figured I couldn’t have a security-related blog without making some comments on this, so here you […]

What if…

I saw this great conversation on Twitter started by Rob Fuller (@mubix): “What if: All pen-test reports were required to become public record after 6 months?” My thoughts on the subject: 1. I remember the saying “He who has nothing to hide hides nothing”. If you fixed them then who cares???? I like the idea – […]