infosec

Sony Breach Thoughts

Charles Herring 18 December 2014

While I don't like "vendor dogpiles" every time there is a mainstream cybersecurity breach, they do serve as good opportunities to change InfoSec paradigms. In this article discusses the value of monitoring with enforcement as well as repairing or creating response processes.

Read more about Sony Breach Thoughts

GrrCon Presentation

Charles Herring 18 October 2014

Deck and video of my GrrCON talk.

Read more about GrrCon Presentation

Converge Conference Presentation

Charles Herring 10 July 2014

My presentation deck from Converge Conference can be downloaded here.

Read more about Converge Conference Presentation

Coaxing Heads from the Security Sand

Charles Herring Wed, 06/11/2014 - 08:03

Some organizations have chosen to adopt a "plausible deniability" strategy to InfoSec. This article outlines some methods of helping these organizations move to a safer security practice.

Read more about Coaxing Heads from the Security Sand

3 Lessons to Unlearn from the Target Dogpile

Charles Herring 15 May 2014

3 dangerous "lessons" that have come from Target Breach discussions that we need to quickly unlearn.

Read more about 3 Lessons to Unlearn from the Target Dogpile

Protecting Windows XP from Exploit

Charles Herring Mon, 02/24/2014 - 08:00

With Microsoft discontinuing support of Windows XP, organizations need guidance on how to protect the legacy machines they can't replace.

Read more about Protecting Windows XP from Exploit

Evaluating NetFlow Tools for InfoSec

Charles Herring Sun, 07/21/2013 - 11:06

Using NetFlow for Information Security has some unique challenges that NETOPS tools don't have to deal with. I put Splunk head to head against StealthWatch and lay out methodolgies for testing other tools.

Read more about Evaluating NetFlow Tools for InfoSec

Subscribe to infosec

Search

Sony Breach Thoughts

GrrCon Presentation

Converge Conference Presentation

3 Lessons to Unlearn from the Target Dogpile