It was my first time in Chicago, which I must say did not live up to its reputation of being windy at all – in fact the weather was quite pleasant. But I wasn’t in town to see the sites or enjoy the mild weather; I was here for the (ISC)2 Congress conference. I do … Continue reading (ISC)2 Congress 2013 recap: Talks, weird DM’s & Rick Rolling →

For the second year in a row I managed to get myself over to the madness in Vegas for the week that features Blackhat, BsidesLV and Defcon. Having been there last year for the first time - I felt like a seasoned pro going in for year two. No longer was I going to be … Continue reading Blackhat, BsidesLV and Defcon 2013 →

Continuing my look into WiFi vulnerabilities I came across Snoopy developed by Daniel and Glenn at Sensepost. You can read about the project in more detail and find links to download it on this blog post - alternatively; you can watch their talk on the topic at 44Con 2012.

Went I went to RSA in San Francisco back in February 2013, I also got a chance to attend and speak (briefly) at BsidesSF. As a speaker, I was pleasantly surprised to receive a speaker goodie bag. To my sheer geeky delight it had a Wifi Pineapple inside! So I thought it would make a … Continue reading WiFi insecurity part 1 – The Pineapple →

Ever find one of your favourite websites is blocked? Well, Lahana is a quick and easy way to bypass basic filtering. Find out more at http://lahana.dreamcats.org

Are PR professionals   a) Competent b) Annoying c) A necessary evil d) Well-meaning and gracious people e) All of the above   One thing that can be universally agreed upon is that not all PR pro's are created equal and some can be pretty annoying. So I break down a few of the common … Continue reading PR Fails →

Ever wondered what an asset is? Well wonder no more... either that or continue to wonder.  

I recently read Gene Kim's book, "The Phoenix Project" and decided it was worthy of a video review. http://rcm-uk.amazon.co.uk/e/cm?lt1=_blank&bc1=000000&IS2=1&bg1=FFFFFF&fc1=000000&lc1=0000FF&t=httpwwwj4vv4d-21&o=2&p=8&l=as4&m=amazon&f=ifr&ref=ss_til&asins=B00AZRBLHO

At last weeks Infosec Europe, fellow blogger, friend and information security executive Jitender Arora was involved in a debate that asked the question whether the auditor was  friend or foe to the security department. This was an interesting debate that for many can bring up many mixed emotions and feelings. But it reminds me of … Continue reading Dealing with an auditor →

Log management and SIEM are not really spoken about by those outside of security and understood even less. I guess one of the reasons is that unless there are a relatively large number of logs to go through (or there is actually have an interest in doing so) most people will not really do much … Continue reading Log management →