tag
#security
The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing
Vulnerability value modifiers
There are a few globally and truly external modifiers to the marketplace-defined value of a vulnerability.…
Upcoming talks
Here’s some of the talks and events I’ll be at over the next few months: Billington 10th Annual Cybersecurity Summit September 4-…
My DEF CON/Vegas moves
It has been an amazing week so far, but as we drop from “suite and wingtips” mode to “hoodie and sneakers” mode I’d…
Practical prepping for Hacker Summer Camp
Here are some last-minute security and general “staying vertical” notes I shared with a few folks who are headed to B-Sides/Diana/…
7 Years and counting…
In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the…
My moves during the RSAC/BSides SF circus
Quick post re where I’ll be speaking and attending while the infosec/cyberz are in town for RSA Conference and B-Sides: ps…
Managing smart device risk: A "how-to" for the average human.
I’m going to provide a practical, ubiquitous, and risk/benefit focussed version of the advice in the tweet, aimed at the average Internet citizen who wants to take advantage of these technologies, while understanding how they can minimize the risks that come with their use.…
Making noise
“We had a problem with a few needles, and as an industry decided that the best thing to do was to drop a haystack…
What's in a name? Defining "hacker" in 2018
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a…
Thoughts on the vault7 CIA/Wikileaks disclosures
Wikileaks’ release of thousands of confidential CIA documents today is yet another demonstration of our just how vulnerable the cybersecurity domain is. Unless we…
My cybersecurity predictions for 2017
If 2016 did anything for cybersecurity, it was to prove that truth can end up wayyyyyyy stranger than fiction (where fiction, of course, are…
Solve 99% of Your Infosec Problems with this One Weird Trick!
99% of good infosec is equivalent to remembering to wash your hands after you use the bathroom. As an industry, we should be working to make that easier.…