cybersecurity
Upcoming talks
Here’s some of the talks and events I’ll be at over the next few months: Billington 10th Annual Cybersecurity Summit September 4-5 2019 Washington DC Hacker Halted (Keynote) October 10-11 2019 Georgia, Atlanta
cybersecurity
bugcrowd
My DEF CON/Vegas moves
It has been an amazing week so far, but as we drop from “suite and wingtips” mode to “hoodie and sneakers” mode I’d still love to connect with as many folks as I can… Here are my approximate moves for the rest of the week – If you see me
cybersecurity
Practical prepping for Hacker Summer Camp
Here are some last-minute security and general “staying vertical” notes I shared with a few folks who are headed to B-Sides/Diana/Queercon/Blackhat/DEF CON. There are lots of other posts on Vegas survival, and I’ll post a list of them in a little bit… This one is
cybersecurity
7 Years and counting…
In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the first steps on that journey, seven years ago today, we launched our first “Proof of Concept” bug bounty, offering up a total reward pool of $500
cybersecurity
My moves during the RSAC/BSides SF circus
Quick post re where I’ll be speaking and attending while the infosec/cyberz are in town for RSA Conference and B-Sides: ps all of the Bugcrowd parties, workshops, and meetups are listed here. If you want to attend Mayhem, make sure you sign up!!! It’s getting to be
risk-management
Managing smart device risk: A "how-to" for the average human.
I’m going to provide a practical, ubiquitous, and risk/benefit focussed version of the advice in the tweet, aimed at the average Internet citizen who wants to take advantage of these technologies, while understanding how they can minimize the risks that come with their use.
cybersecurity
Making noise
“We had a problem with a few needles, and as an industry decided that the best thing to do was to drop a haystack on them.” This is definitely QOTD from an old cybersecurity industry friend over lunch today. It sums up the current information overload problem for those on
cybersecurity
What's in a name? Defining "hacker" in 2018
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet badness. In reality, the word “hacker” applies to
vulnerability-disclosure
Thoughts on the vault7 CIA/Wikileaks disclosures
Wikileaks’ release of thousands of confidential CIA documents today is yet another demonstration of our just how vulnerable the cybersecurity domain is. Unless we do a better job identifying our vulnerabilities, attackers – be they criminals, hacktivists, hobbyist, or nation state agencies – can and will take advantage of them. What’s
cybersecurity
My cybersecurity predictions for 2017
If 2016 did anything for cybersecurity, it was to prove that truth can end up wayyyyyyy stranger than fiction (where fiction, of course, are end of year prediction pieces). I have plenty of opinions of where I think it’ll get weird next year, but instead I think Mike Mimoso’
cybersecurity
Solve 99% of Your Infosec Problems with this One Weird Trick!
99% of good infosec is equivalent to remembering to wash your hands after you use the bathroom. As an industry, we should be working to make that easier.
cybersecurity
Pain of staying the same > Pain of change = Change
Cybersecurity has long been a challenge lead from the top down, but as heat increases in the consumer market and hacking becomes dinner-table conversation at non-geek dinner-tables, I wonder...