Well, maybe I’ll get a great refund in in 2009

Apparently the IRS just realized that they had about 1,800 unauthorized web servers attached to their corporate network!!! Now I’m glad to hear that their CIO is working to get them removed, but sounds to me this is a great opportunity for them to implement a domain isolation model using IPsec. Now you know I’m…


Death Star Threat Modeling (Part II)

Here’s Part II of Kevin’s excellent session on Threat Modeling: Death Star Threat Modeling (Part II)


Meet The Feds: Part 2

We start off this episode with Agent Lynd explaining to us the danger of botnets and who these bot pimps are targeting. We see that some of these bad guys are using these “zombie networks” to commit extortion (or face the wrath of my botnet doing a DDoS against your business.) Good stuff. Allyn goes…


Not your Mama's Webcasts: Kai does the Defense in Depth Webcast Series

Hopefully you were able to join me for a terrific two weeks of webcasts!! In 8 sessions we covered every layer of the security model known as “defense in depth”. For those of you who missed out on the great fun we had, here’s a way to go and check out the recordings. I did…


Dripping Data: Understanding and Reducing Insider Threat (Part IX) - Oldies, but Goodies

Well….I received an absolutely unexpected and pleasure of an email from one of the excellent speakers over at the The Centre for Counterintelligence and Security Studies about my blog posts! I’m not sure they were reading or simply scanning for references to their website, but hey…I’m not picky! They have an absolute ton of information…


It's like having a GSOC of your very own: The Global Real Time Incident Map

Got too much time on your hands? Feel a need to monitor the entire world for security incidents? Then check this out. I just heard about this and wanted to get it posted, so you guys can see what’s not making the evening news. It’s a pretty cool website that is updated in almost real…


Wow! I wonder who's going to take the heat for this?

On the topic of “Ouch. Recently a Chinese Jin-class (Type 094) nuclear attack sub was picked up by a popular mapping application (not Windows Local.live.com….but the OTHER guys.) According to the Strategic Security Blog, it was imaged by a Quickbird satellite system. Of course, since this is China’s newest (and probably secret) new sub, someone is…


Hot Sexy Models Demonstrate Threat

I’m guessing your here to see the “sexy models”. Well, I’m about to start delivering a session on Threat Modeling, which is about 100x more useful than any runway modeling. I’ll leave the glamour modeling to Tyra Banks and Heidi Klum. (I especially don’t want to fill anyone’s buffer of Kai strolling down a runway in…