Skip to content
← home

tag

#security

98 posts

The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing

Security

Vulnerability value modifiers

There are a few globally and truly external modifiers to the marketplace-defined value of a vulnerability.…

30 Aug 2019 · 1 min read
Security

Upcoming talks

Here’s some of the talks and events I’ll be at over the next few months: Billington 10th Annual Cybersecurity Summit September 4-…

14 Aug 2019 · 1 min read

My DEF CON/Vegas moves

It has been an amazing week so far, but as we drop from “suite and wingtips” mode to “hoodie and sneakers” mode I’d…

08 Aug 2019 · 1 min read
Security

Practical prepping for Hacker Summer Camp

Here are some last-minute security and general “staying vertical” notes I shared with a few folks who are headed to B-Sides/Diana/…

31 Jul 2019 · 3 min read
Security

7 Years and counting…

In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the…

16 May 2019 · 1 min read
Security

My moves during the RSAC/BSides SF circus

Quick post re where I’ll be speaking and attending while the infosec/cyberz are in town for RSA Conference and B-Sides: ps…

02 Mar 2019 · 1 min read
Security

Managing smart device risk: A "how-to" for the average human.

I’m going to provide a practical, ubiquitous, and risk/benefit focussed version of the advice in the tweet, aimed at the average Internet citizen who wants to take advantage of these technologies, while understanding how they can minimize the risks that come with their use.…

20 Jan 2019 · 5 min read
Security

Making noise

“We had a problem with a few needles, and as an industry decided that the best thing to do was to drop a haystack…

31 Aug 2018 · 1 min read
Security

What's in a name? Defining "hacker" in 2018

If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a…

25 Jun 2018 · 2 min read
vulnerability-disclosure

Thoughts on the vault7 CIA/Wikileaks disclosures

Wikileaks’ release of thousands of confidential CIA documents today is yet another demonstration of our just how vulnerable the cybersecurity domain is. Unless we…

07 Mar 2017 · 2 min read
Security

My cybersecurity predictions for 2017

If 2016 did anything for cybersecurity, it was to prove that truth can end up wayyyyyyy stranger than fiction (where fiction, of course, are…

19 Dec 2016 · 1 min read
Security

Solve 99% of Your Infosec Problems with this One Weird Trick!

99% of good infosec is equivalent to remembering to wash your hands after you use the bathroom. As an industry, we should be working to make that easier.…

31 May 2016 · 1 min read