Forget what you know, what you think you know about attribution - I present to you Javvad’s Attribution Methodology or Javtribution(tm) for short. Maybe Dr. Krypt3ia will yell Javtribution Shmattribution and try to poke holes in my findings - but I assure you, my findings can be considered holy enough without any poking. There are … Continue reading Javtribution →

Step 1: Setup a large screen on the wall. Play the threatbutt map on the large screen http://threatbutt.com/map/ Step 2: Whilst dressed up in your hoodie and surrounded by empty cans of energy drinks, keep looking up at the screen and uttering some techno-babble. It doesn't matter what you say as long as you say it … Continue reading Become a Hollywood Hacker in 3 simple steps →

At RSA 2015, Thom Langford gave, in my opinion, an outstanding presentation entitled, Stop selling and start marketing your information security program. I shared it with a few of my friends who I knew were working on security programs at their own companies as there was a lot of useful information in the talk. One … Continue reading It’s simple, but not easy to become a better speaker →

Do you ever get bored when someone starts of a presentation by going over how bad the infosec situation is? They'll quote figures of breaches and how vulnerabilities are going through the roof. Or maybe you're pressed for time and need to get to the meaty part of your security presentation but want to make … Continue reading Security Haiku →

Last weekend I came to the conclusion that Bane - the bad guy from The Dark Knight Rises would make the perfect chief information security officer.