tail -f security.log

Recent Posts

Seeing Red: Reconnaissance

Reconnaissance: Know Your Target This is part of a series of posts that walk through an attack.  To start from the beginning, click here. In the last post, we got a brief overview of Kali Linux and some of its capabilities.  In this part, we’ll start […]

Seeing Red: Tools of the Trade

Seeing Red This is part of a series of posts that walk through an attack. In an ideal world, information security teams are comprised of both a dedicated Red Team (attackers or offensive side) and a Blue Team (incident responders or defensive side).  I’ve never […]

Learn Concepts Not Tools

Last week, I attended a week-long TippingPoint (a network-based intrusion prevention system) training class for work.  Nothing particularly exciting, just your typical security vendor training.  What I did find interesting was that the class was comprised of 75% TippingPoint employees, training to be part of TippingPoint’s […]

Save the Yelps

I’m a big fan of Yelp and frequently use it to find great local restaurants.  I started using it about six years ago and quickly found the user-contributed reviews and tips to be invaluable.  It proved incredibly handy when I moved to DC and knew […]

Threat Intelligence: CIF

Introduction One of the many challenges in information security is collecting, managing, and applying threat intelligence.  Typically, threat intelligence comes from a variety of disparate sources, such as IDS rules (Sourcefire / Emerging Threats), server/application logs, historical breach data, private/public feeds, security appliances…the list goes […]

Nessus and Splunk

Introduction Inspired by my IP360 and Splunk integration project (here and here), I wanted to do the same for Tenable Nessus.  In a previous role I implemented Nessus + SecurityCenter and for the most part had a positive experience.  The interface was modern and I liked […]

Foodie Photography

Not security related, but a couple months ago the Food Network Magazine asked if they could use one of my pictures they found on Yelp for their May 2014 issue.  I just got a digital copy of the magazine and had to share.  Check out the […]

Python Scripts

I’m consistently impressed by Python and the power it gives anyone to automate a myriad of tasks.  I encourage all security professionals to learn Python as you have or will more than likely run into a problem that requires some kind of automation.  I got […]