One of the big questions that I often get is: How does someone become successful in a cybersecurity career? In this blog I want to share with you the three key lessons I’ve learned during my 18-year journey in the cybersecurity industry. These lessons have paved the way for my success, and I believe they […]
The Three Keys to Success in Cybersecurity Read More »
Below are the links and further reading material that I mentioned at the end of my talk “How to Lead High-Performance Security Teams” (aka: Management Hacking 101). Please let me know if you have any questions and thank you for coming to my talk! Video from my BSides Las Vegas version of this presentation is
How to Lead High-Performance Security Teams: Links and References Read More »
For the last several months I’ve been performing research on techniques attackers could use for performing accounting fraud in popular accounting systems. This research coincides with a whitepaper that SecureState has developed entitled “Cash is King: Who’s Wearing Your Crown?” To perform this research I have collaborated with a coworker of mine, Brett Kimmell, who is the
Project Mayhem to be Unleashed at Black Hat Abu Dhabi Read More »
It’s not too late to register for my webinar on July 12th: Android vs. Apple iOS Security Showdown. I’ll be taking a entertaining look at the current security posture of both platforms. I’ll be battling the Apple App Store vs. Google Play, device updates, MDMs, developer controls, security features and the current slew of vulnerabilities for both
Free Webinar July 12th: Android vs. Apple iOS Security Showdown Read More »
Having spoken at both at the SANS Mobile Device Security Summit as well as OWASP AppSec DC recently about testing mobile applications I’ve encountered that like the old saying goes “There are many ways to skin a cat”, there are also many ways to assess a mobile application. I’ve seen very detailed testing methodologies, not
Three Areas You Need To Test When Assessing Mobile Applications Read More »
My employer (SecureState) has released two white papers as part of our Social Media Security Awareness Month. You can also download some cool wallpaper for this month created by Rob our graphic designer (see the picture on the right). 🙂 First is some research several of my colleagues and I worked on. The paper is titled:
Two New Social Media Security White Papers Released Read More »
The con that is Notacon is upon us. Notacon is one of the best con’s I have ever attended! It’s a great mix of hacking, security, art, technology and everything in between. It’s also small enough to network with others…oh, and its in Cleveland which means its affordable! Things get started tonight with a free
Notacon 7 – Things to Do and Talks to Attend Read More »
Continuing the zombie apocalypse from Defcon…Kevin Johnson and I will again be presenting “Social Zombies: Your Friends Want to Eat Your Brains” at this week’s OWASP AppSec DC conference. We will be speaking Thursday, November 12th at 2:10 in room 146c. We will have some new material and updates from the presentation we gave at
Social Zombies at OWASP AppSec DC this Week Read More »
This is the final article in my series on Enterprise Open Source Intelligence Gathering. This information relates to the main topics from my presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part one. If you missed part two (blogs, message boards and metadata)
This post is part two of my three part series on Enterprise Open Source Intelligence Gathering. This information relates to the presentation that I am giving this week at the 7th Annual Ohio Information Security Summit. For more background information, see part 1. Part three will be about putting together a simple monitoring program/toolkit and
