Security
The technical heart: vulnerability research, disclosure, threat analysis, the craft of finding and fixing
The Future is Now: 2020 Cybersecurity Predictions
How is it 2020 already? We’re in the last month of the decade, and the year that has long held a “futurist bookmark” in people’s minds is now upon us. We may not have
The future is now: 2020 cybersecurity predictions
The year that has long held a “futurist bookmark” in people’s minds is now upon us. And while we may not have hoverboards and flying cars yet, our adoption, connectedness, and reliance on technology is accelerating faster than it ever has before.
Vulnerability value modifiers
There are a few globally and truly external modifiers to the marketplace-defined value of a vulerability.
Upcoming talks
Here’s some of the talks and events I’ll be at over the next few months: Billington 10th Annual Cybersecurity Summit September 4-5 2019 Washington DC Hacker Halted (Key
My DEF CON/Vegas moves
It has been an amazing week so far, but as we drop from “suite and wingtips” mode to “hoodie and sneakers” mode I’d still love to connect with as many folks as I can… He
Practical prepping for Hacker Summer Camp
Here are some last-minute security and general “staying vertical” notes I shared with a few folks who are headed to B-Sides/Diana/Queercon/Blackhat/DEF CON. There are lot
7 Years and counting…
In 2012, Bugcrowd set out to create a radical cybersecurity advantage and level the playing field between attackers and defenders. As one of the first steps on that jou
My moves during the RSAC/BSides SF circus
Quick post re where I’ll be speaking and attending while the infosec/cyberz are in town for RSA Conference and B-Sides: ps all of the Bugcrowd parties, workshops, and m
Managing smart device risk: A "how-to" for the average human.
I’m going to provide a practical, ubiquitous, and risk/benefit focussed version of the advice in the tweet, aimed at the average Internet citizen who wants to take advantage of these technologies, while understanding how they can minimize the risks that come with their use.
Making noise
“We had a problem with a few needles, and as an industry decided that the best thing to do was to drop a haystack on them.” This is definitely QOTD from an old cybe
What's in a name? Defining "hacker" in 2018
If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer t