A few weeks ago I participated in the SANS GCIH course at SANS Charlotte '19. It was led by the talented Jonathan Ham (@jhamcorp), best known for LITERALLY writing the book on network forensics. SANS once again put on one of the best training courses I have ever had the pleasure of attending. This week … Continue reading SANS GCIH –Log 1
Cult of the Dead Cow
Joseph Menn delivers a solid historical review of some of the major founders of the entire red team industry. Cult of the Dead Cow (CDC) was one of the most influential hacking groups of all time, with members such as Mudge, Weld Pond, and Psychedelic Warlord. The group still exists today, with mailing lists and … Continue reading Cult of the Dead Cow
On Boarding Challenges
As a company we do not struggle with on boarding new talent. We are actually really good at bringing folks in, making them feel welcome, and emphasizing how they are now a part of the team. Their first day they sit through a series of presentations, meetings, lunches, and tours to get to know who … Continue reading On Boarding Challenges
The Cuckoo’s Egg
Back in the mid-80's and early 90's security was an after thought when designing networks and computers. Many thought of it as just a roadblock to actually being able to use computing time. In fact, back then, most users thought it was just fine to share credentials with others, in case they were going on … Continue reading The Cuckoo’s Egg
Boyd: The Fighter Pilot Who Changed the Art of War
The book delves into the OODA loop a bit, and includes mentions of Schwerpunkt and Fingerspitzengefuhl. The main dimension of the OODA loop that the instructor never delved into revolved around Orientation, Unpredictability, and Speed
The Damn Vulnerable Serverless Application
Serverless is coming, and the basics never really go away! Lambda, automation, and the no infra future In five to ten years virtual machines will be as much relics as mainframes are today. Forrest Brazeal recently wrote an article detailing a coming IT job apocalypse, and how the only way to avoid your job becoming redundant was to develop … Continue reading The Damn Vulnerable Serverless Application
Guided Security 