RSA is almost upon us which signifies a time of big announcements. Or at the very least, small announcements are made in a way to make them seem big. My blog has been my own walled-garden for several years now. It’s gone through many incarnations. But it’s the primary place where I jot down thoughts, … Continue reading Breaking the Fourth Wall
Author: j4vv4d
Delivering bad security news
Working in IT security means that more often than not you'll be delivering bad news. Conduct a risk assessment and you'll have to explain all the risks that exist. If you're a QSA, you'll have to break the news of how the client isn't PCI compliant. And if you're a penetration tester, then... well, there's … Continue reading Delivering bad security news
Why infosec can be like internet commentators
I try not to read the comments. Like ever. But often they are like those scabs you don't recall getting. You know it would get better if you stopped picking at it, but your fingernails can't resist the urge to scratch - that's what fingernails are for aren't they? Every now and then, I read … Continue reading Why infosec can be like internet commentators
Putting a Canary in your Data Mine
Despite having many monitoring and detection tools, many companies fail to identify attackers that have gained a foothold within their networks. Many times, a company is only aware of a breach after a 3rd party has informed them. It’s not that current tools can’t catch an attackers lateral movement within the network. Rather, the relevant … Continue reading Putting a Canary in your Data Mine
Casting a Digital Shadow over Threat Intelligence
Stand alone pure-play threat intelligence firms have all started with great promise. But somewhere along the way, many have not fully realised their potential. Recent notable threat intelligence vendor acquisitions Target Acquirer Date Amount Malcovery (key assets) PhishMe Oct 14 2015 Undisclosed iSight Partners FireEye Jan 20 2016 $200m Cyveillance LookingGlass Dec 10 2015 Undisclosed … Continue reading Casting a Digital Shadow over Threat Intelligence
Finding your passion
A few months ago, I gave my 2p (2.9c) on how one could find their niche. In short, it was about finding the intersection between your passion and expertise. Passion is what drives people to work beyond their set hours. It's an inner drive and desire to be better. Or as the dictionary would put … Continue reading Finding your passion
Invotas acquired by the all-seeing FireEye
Despite its stock sinking to an all time low. Milpitas, CA-based FireEye acquired iSight Partners for $200m a few weeks ago. iSight is somewhat complementary to Mandiant. But still left me with the feeling that the deal had a "hail Mary" feel to it. FireEye didn't stop to breath as it announced its acquisition of Invotas. … Continue reading Invotas acquired by the all-seeing FireEye
Accepted the Risk
One could argue that life is all a series of risks. Sometimes we remain in a state of ignorant bliss. Other times, we are aware of risks and take measures to mitigate it. But sometimes we choose to accept the risk. Accepting risk is not a bad thing. Quite the opposite. Without risk acceptance, there … Continue reading Accepted the Risk
A day with Troy Hunt
I found myself driving to meet someone I only knew from the internet. You never can be sure how these things will pan out. Luckily for me, I was meeting Troy Hunt. If you don't know of Troy, he is a super cool guy from Australia. Which means he uses the word "mate" a lot … Continue reading A day with Troy Hunt
Ramblings of a travelling madman
The airport lounge Another day another airport lounge. I'm doing my usual people watching... silently judging. The lady opposite me, looks to be in her mid 50's and a nervous flier. Or maybe she always enjoys a glass of wine and packet of crisps at 0930. A boy walks past who looks identical, albeit a … Continue reading Ramblings of a travelling madman
Javvad Malik 