• Archive

  • Securing Your Network on a Budget

    Securing your network on a budget is a challenge most organizations face. Questions come to mind such as:Are we investing enough in information security?Are we over investing in information security?What are other companies like ours investing?What are our competitors doing for information [...]

    Read more

    How to Catch a Hacker

    How to catch a hacker is a question that I get on a regular basis. Your success in catching a hacker largely depends on your preparation before you are hacked. Traditional incident response is the typical ways of catching a hacker, but in some cases that approach is cost prohibitive.When a [...]

    Read more

    Digital Forensics Investigations

    Digital forensics investigations are critical to solving cases such as intellectual property theft and computer incidents. Digital forensics and e-discovery includes analyzing computers, servers, mobile devices, logs, network traffic, and surveillance video in some cases.Digital forensics [...]

    Read more

    HTTPS Inspection

    12 Jan 2021
    HTTPS Inspection

    HTTPS Inspection is the process of examining network traffic that takes place over SSL or TLS. This allows your intrusion prevention/detection devices to examine that encrypted traffic for malware and intrusion attempts.HTTPS Inspection is the modern approach to detecting malware and intrusions[...]

    Read more

    Image Forensics

    11 Jan 2021
    Image Forensics

    Image forensics is the analysis of what evidence or information can be obtained from images taken with digital cameras or mobile devices. For the purpose of this blog I'm going to focus on the photo of a cat.As a forensic analyst the first thing I want to examine is the meta-data associated[...]

    Read more

    Small Business Web Application Penetration Testing

    Small Business Web Application Penetration Testing is essential to ensure your web application doesn't become the source of a breach. We perform web application penetration testing locally here in Oklahoma City and the United States, as well as countries that include Dubai, Ireland, Canada, [...]

    Read more

    Targeted Attack Dissection

    It was early in the morning when the phone rang. I knew immediately this wasn't a robocall since it was a special ringtone assigned to an international client. I recall the panicked voice on the other end reporting they are under attack. This was a targeted attack as the client went on to explain.[...]

    Read more

    The Changing Role of CISO

    The role of CISO is evolving. The number of security breaches that have occurred over the last year is unprecedented and demonstrates a need for more effective security. CISO responsibility is changing, in dynamic threat environment, greater business engagement requires CISOs to realign priorities [...]

    Read more

    Incident response programs require careful consideration before you build the program. Things to consider are:Talent: You need a multi-disciplinary approach to building the team. Ideally you would want to have members of the server team, network team, help desk, human resources, and [...]

    Read more

    Risk Assessing IoT Devices

    Risk assessing IoT devices should be done before they are placed on your network. In this presentation I discuss policy and procedure for IoT devices. Your IoT policy should state that IoT devices should not leave the environment without being sanitized.The next step of risk assessing IoT [...]

    Read more