I keep having this conversation with former students: "Hey John, remember that thing we talked about in class? It's just like what was in the news the other day!"
Exactly.
The SANS Hacker Techniques, Exploits, and Incident Handling class (SEC 504) has one goal: Teach defenders how attackers are breaking into systems and how to defend against those attacks.
I am pleased to announce that I will be teaching SEC 504 at SANS Community Albuquerque April 25-30. We'll cover the material written by the visionary Ed Skoudis and his co-authors. We'll also discuss current news and what's going on behind the scenes. And, we'll end the week with a rockin' cool Capture the Flag contest to test your new and existing skillz.
Come join me! I guarantee a fun and informative week. :-)
Friday, April 01, 2011
Sunday, January 09, 2011
Lector, si monumentum requiris, circumspice
When Christopher Wren died in 1723, this epitaph was inscribed on his tombstone at St. Paul's Cathedral in London: Reader, if you seek his memorial, look around you.
As one of the most noted English architects, and founder of the Royal Society, the monument to his memory was wrought by his own hands over many years before his mortal end.
It is telling that part of Wren's material legacy included the rebuilding of 50 churches and St. Paul's Cathedral after the Great Fire of London in 1666. From chaos, order. Now, just in case I have piqued the interest of freemasons and occultists -- I really mean this in the most literal sense: the destruction wrought by nature (or even not by nature) has always become an opportunity for creative minds to build something from the ashes.
This cycle of destruction and rebirth is the true human condition, but the detail we often forget is that we create the order and the chaos.
Every day, look around and ask what your monument will be.
As one of the most noted English architects, and founder of the Royal Society, the monument to his memory was wrought by his own hands over many years before his mortal end.
It is telling that part of Wren's material legacy included the rebuilding of 50 churches and St. Paul's Cathedral after the Great Fire of London in 1666. From chaos, order. Now, just in case I have piqued the interest of freemasons and occultists -- I really mean this in the most literal sense: the destruction wrought by nature (or even not by nature) has always become an opportunity for creative minds to build something from the ashes.
This cycle of destruction and rebirth is the true human condition, but the detail we often forget is that we create the order and the chaos.
Every day, look around and ask what your monument will be.
Tuesday, November 30, 2010
You keep using that word...
A few weeks ago I found myself at a vendor presentation by a well-known physical security vendor. I was looking forward to the discussion on "advanced video analytics" and other cutting edge developments. Unfortunately, this was a pure sales pitch... and the "advanced technology" was primarily focused on how this vendor could help scale the customers' security camera video storage by placing it on a "secure server in the cloud."
I was quiet up to this point in the presentation. But, I had to ask: "What do you mean by, a 'secure server' in the cloud?" The room got a little quieter. The sales guy, his pace interrupted, looked at me with complete sincerity and said: "I mean we secure it for you."
I didn't think he meant that he, himself, was hardening the OS and running assessments against it. Even so, with security cameras and alarms as their forte, I couldn't understand how it made sense for anyone at his company to provide such a service.
The morale of this story is: Question everything.
I would never trust my security camera video data to a company storing it in the cloud -- at least not until I had a chance to check it thoroughly (yes, myself). Believe me, I've recently checked other products thoroughly and found them -- let's just say -- not quite meeting expectations.
I was quiet up to this point in the presentation. But, I had to ask: "What do you mean by, a 'secure server' in the cloud?" The room got a little quieter. The sales guy, his pace interrupted, looked at me with complete sincerity and said: "I mean we secure it for you."
I didn't think he meant that he, himself, was hardening the OS and running assessments against it. Even so, with security cameras and alarms as their forte, I couldn't understand how it made sense for anyone at his company to provide such a service.
The morale of this story is: Question everything.
I would never trust my security camera video data to a company storing it in the cloud -- at least not until I had a chance to check it thoroughly (yes, myself). Believe me, I've recently checked other products thoroughly and found them -- let's just say -- not quite meeting expectations.
Subscribe to:
Posts (Atom)
