Threats, Threat Modeling and Analysis

This is a super high level presentation about basic threat modeling, SDL, and why a proactive stance is better than a reactive. I thought that it was fun.

Threats, Threat Modeling and Analysis

I’ve had even less time to myself than usual lately so let me apologize in advance for not separating and expanding on my speaking [...]

May 21st, 2010 | Tags: , , , | Category: Information Security, Presentations | 3 comments

The Art of Keeping Things Done

The current field of information security is largely one of arcana, vagueness, arbitrary views, philosophy, mountaintop sages, a general lack of reliable data, and legions of vendors selling “best practices.”

It was my hope that I could help out a little by giving a talk on my take of how our industry can best navigate during these turbulent and weird times and come toward relevance and transparency.

That’s enough of a preface. Here’s the talk I gave at the Seattle NAISG meeting this month.

Continue reading The Art of Keeping Things Done

April 9th, 2010 | Tags: , , , | Category: Information Security, Presentations | 11 comments

The Trials of Toorcamp

Toorcamp was many things this year.

It was fun.

It was uncomfortable.

Dustdevils ate things occasionally.

It was turbulent due to the trouble with Levitate to get hackers to help promote their event for free or they wouldn’t fulfill their agreement to let us use the missile facility for talks and workshops.

There was some excellent music.

There were fine people in attendance as it took some dedication and preparation to get out there and stay there.

Enough said about that. I was expecting more problems. More can be found at the Toorcamp wiki.

My presentation at this Toorcon Seattle area hacker retreat was concerned itself with three main points.

  1. How to get a job in todays market
  2. Identifying the common players and bad actors in todays organizations
  3. How I recommend dealing with them

I entitled my talk Hacking HR in the traditional usage of the word hack. I’ve seen a lot of usage that uses “hack” as a synonym for small tips on how to accomplish obvious tasks. This isn’t how I use the word.

Anyway, let’s get started.

Continue reading The Trials of Toorcamp

July 16th, 2009 | Tags: , , , , , , | Category: Business, Information Security, Management, Presentations | Leave a comment

My talk at Seattle Toorcon 2008

I gave a little talk this weekend at the second Seattle Toorcon.

My presentation is as follows, though as usual, I ad lib when presenting. Video may appear in the future.

Continue reading My talk at Seattle Toorcon 2008

April 19th, 2008 | Tags: , , , | Category: Information Security, Presentations | Leave a comment

ITCi 2007

This is the presentation that I gave earlier this week at the ITCi Conference in San Diego, California. It was well received and fostered a lot of interesting discussion.

My recording of the event on my laptop had enough problems as to be distracting, so I gave up on using it to export a real-time presentation. Instead I will try to give my speaking points inline with my individual slides. If a good audio recording becomes available, I will kick out a video format of this presentation synched with discussion audio. I was hoping to make use of some of the new Keynote functionality, but the audio and speaking position setup was a little questionable and I was unable to see my speaking notes, so I winged it freestyle. Everything seems to go well in a free form way.

Anyway. On to my presentation.

Continue reading ITCi 2007

November 12th, 2007 | Tags: , , | Category: Business, Information Security, Management, Presentations | One comment
 
  Older Entries »