blog.blackswansecurity.com
Management | Black Swan Security
http://blog.blackswansecurity.com/category/mgmt
A blog about cybersecurity. Archive for the ‘Management’ Category. Not so basic but definitely essential. Monday, April 3rd, 2017. IT Maintenance (patching, replacing end-of-life platforms, inventories, baseline builds etc),. Network security (internal segmentation),. Access Management (efficient joiners, movers, leavers processes, privileged user management). Security Monitoring (effective visibility),. Incident Response (tested plans, exercised staff). Monday, January 23rd, 2017. Lord Kelvin, 1824-1907.
blog.blackswansecurity.com
analytics | Black Swan Security
http://blog.blackswansecurity.com/tag/analytics
A blog about cybersecurity. Posts Tagged ‘analytics’. Security Analytics Beyond Cyber. Sunday, January 4th, 2015. I presented at 44con. 2014 on moving security analytics on from network defense and rapid response towards supporting data-driven and evidence-driven security management, my presentation is on slideshare below:. Security Analytics Beyond Cyber. Security Analysis for Humans. Tuesday, December 9th, 2014. I was inspired to consider some guiding principles for conducting security analysis. SOC Va...
blog.blackswansecurity.com
architecture | Black Swan Security
http://blog.blackswansecurity.com/tag/architecture-2
A blog about cybersecurity. Posts Tagged ‘architecture’. The security opportunity in Digital. Friday, September 16th, 2016. Four years ago I discussed. Measuring Black Boxes, part one. Monday, November 2nd, 2015. Due to the scale and complexity of many of the systems I have worked with a large part of the process has been to decompose a system and measure and characterise it’s components. This allows me to identify high risk areas of the system to focus my efforts. We need to talk about IT. It has long b...
blog.blackswansecurity.com
big data | Black Swan Security
http://blog.blackswansecurity.com/tag/big-data
A blog about cybersecurity. Posts Tagged ‘big data’. Security Analytics Beyond Cyber. Sunday, January 4th, 2015. I presented at 44con. 2014 on moving security analytics on from network defense and rapid response towards supporting data-driven and evidence-driven security management, my presentation is on slideshare below:. Security Analytics Beyond Cyber. Big Data Security Analytics Paper. Monday, March 10th, 2014. Considerations for developing Big Data Security Analytics: A Practical Guide. Anton Chuvak...
detroitdavesraves.blogspot.com
Detroit Dave's Raves: Augusta's HORRIBLE drivers and Network Insiders
http://detroitdavesraves.blogspot.com/2014/06/augustas-horrible-drivers-and-network.html
Tuesday, June 17, 2014. Augusta's HORRIBLE drivers and Network Insiders. I have been having this thought circling my overly-active.for about a week now. I was driving home from the VA hospital last week, taking one of my normal, short routes to get home. One particular stretch of the road I was on has three traffic lights all within [about] a half-mile total. These lights are, naturally! A couple of quick points on the problem:. But they are still breaking the law, trying to sneak by the rules and sneak ...
multiple-hats.blogspot.com
Multiple Hats: Work Life Balance, and Taking Vacations
http://multiple-hats.blogspot.com/2014/10/work-life-balance-and-taking-vacations.html
A blog of what I'm working on with tech today. Work Life Balance, and Taking Vacations. It's important to take vacation; human psychology is setup to benefit across the board from detaching from work, and vacation is one of the biggest/easiest ways to do so. Some folks have trouble taking vacation, or aren't sure how to work it in. Here are eight strategies that I've seen work, enable easier leaves, and hopefully get more benefit from the same days off. Strategy 1: Ample Lead Time. Another coworker reali...
multiple-hats.blogspot.com
Multiple Hats: Randy and the Seven Habits
http://multiple-hats.blogspot.com/2015/05/randy-and-seven-habits.html
A blog of what I'm working on with tech today. Randy and the Seven Habits. Randy Pausch came up at work, and he wound up giving me good advice years ago, so I added that to the discussion; while it's on my mind, here goes. His advice boiled down to:. Look at how you spend your time, and list it out. Prioritize that list, based on how much you and your society gets out of it. Start at the bottom, and start cutting. Actively choose replacements that make future-you a better human being. Sharpen the saw"...
multiple-hats.blogspot.com
Multiple Hats: Document the Difference
http://multiple-hats.blogspot.com/2015/05/document-difference.html
A blog of what I'm working on with tech today. There are a bunch of ways to describe the quality of a product you want to sell; here's three of them. Are most of the engineers who worked on it proud of their work? Are people likely to pay for it? Are people who paid for it likely to recommend it to others? Higher-than-normal attrition of engineers is just about the worst thing you can have happen; after long enough on any product, engineers have knowledge in their heads that's more costly to replace than...
detroitdavesraves.blogspot.com
Detroit Dave's Raves: November 2013
http://detroitdavesraves.blogspot.com/2013_11_01_archive.html
Thursday, November 14, 2013. Sitting the GWAPT exam - Updating my certs. Four months ago I enrolled in the SANS On-Demand course for SANS542, Web Application Penetration Testing. I chose this course as I love pen testing, I understand and enjoy working with web technologies (My Master's project was web services), and the course looked exciting as Kevin Johnson, the creator of SamuraiWTF, was the "instructor" for the course. I will stop ranting now, before I get too high on my soapbox. The confidence ...
SOCIAL ENGAGEMENT