
Analysis and evaluation of external actors, entities, and events that will have a negative effect on the enterprise.
I’ve long been a proponent of sharing threat intelligence. The technical level of this sharing is usually at the indicator of compromise (IOC) level. There are several protocols that allow tools to share these IOCs rapidly. IOCs are gathered through…
Many people are talking about the attribution of the Sony hack. Was it or was it not North Korea? I do not care. I thought I would talk about a couple of things in driving towards attribution and analysis of…
Slides of my presentation today at the Indianapolis Summit. 2014 November Indianapolis Summit Threat Trends
Does your enterprise threat intelligence feed get you down? Does the wide-ranging list of IPs, URLs, and other IOCs make you feel bloated? Do you have acronym fatigue? Then you should get lightweight portable threat intelligence for the enterprise. It…
Slides as promised. This is an expanded slide deck of a previous presentation. Still got about two-dozen that haven’t made it out front yet 🙂 Threat Intelligence and Digital Forensics (pdf)
Slides as promised. S4 IrespondCon Slides (PDF)
I worry about the overuse of threat intelligence. The idea of intelligence came to the information technology space in the early 1990s and many from the intelligence world and the information technology community scoffed at the idea. In the…
I am concerned about how this discussion has evolved, and it is influenced heavily by political and ideological biases. More importantly, it is in a box, which does not reflect a stern reality. I have been told that “Privacy is…
In a Twitter discussion (>140 characters at a time) with Chris J @rattis about tracing credit cards from pictures on Twitter posted by users, to dissemination, and subsequent use. The following experimental protocol was developed. The scenario being examined is…
I’m going to disagree with the espoused equivalence of government snooping and corporate snooping. The former is enabled by the latter but that is still conflation of the two issues. A consumer opts in when they utilize a service, asks…
I’ve been thinking about how the structure of the intelligence community and specifically technical collection activities are understood. The departure of General Alexander and the current budget fights are policy fulcrum points that can be used for change. I have…