3 min
Exploits
What is SQL Injection?
The SQL Injection [https://www.rapid7.com/fundamentals/sql-injection-attacks/]
is one of the oldest and most embarrassing vulnerabilities web-enabled code
faces. It is so old that there really is no excuse for only a niche of people
(namely web security professionals) to understand how it works. Every time I
think we've beat this topic to death, SQL Injection finds its way back into the
news. This post is my attempt to help anyone and everyone understand how it
works and why it's such a persist
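As an added illustration for this entry (example code written here, not taken from the post): the classic injection is a login query built by string concatenation, shown beside the parameterized form that binds user input as data instead of SQL text. It uses Python's built-in sqlite3 module and a constructed in-memory users table, so it runs offline.

```python
import sqlite3


def make_db():
    """Constructed sample data: a tiny in-memory users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?, ?)",
        [("alice", "correct horse", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    """Attacker-controlled strings become part of the SQL statement itself."""
    query = (
        "SELECT username, role FROM users "
        "WHERE username = '%s' AND password = '%s'" % (username, password)
    )
    return conn.execute(query).fetchall()


def login_safe(conn, username, password):
    """Placeholders keep data out of the code: values are bound after parsing,
    so a quote or OR clause in the input can never change the query's shape."""
    query = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchall()


def demo():
    """Run an honest login and two injection payloads through both versions.

    Payload 1 turns the WHERE clause into
        username = 'alice' AND password = '' OR '1'='1'
    which is true for every row because AND binds tighter than OR.
    Payload 2 comments out the password check entirely.
    """
    conn = make_db()
    tautology = "' OR '1'='1"
    comment_out = "alice'--"
    return {
        "vuln_honest": login_vulnerable(conn, "alice", "correct horse"),
        "vuln_tautology": login_vulnerable(conn, "alice", tautology),
        "vuln_comment": login_vulnerable(conn, comment_out, "anything"),
        "safe_honest": login_safe(conn, "alice", "correct horse"),
        "safe_tautology": login_safe(conn, "alice", tautology),
        "safe_comment": login_safe(conn, comment_out, "anything"),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name:15} -> {rows}")
```

The vulnerable function returns every user for the tautology payload and logs in as alice without a password for the comment payload; the parameterized function returns nothing for either, because the payload is compared literally against the stored password or username.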
1 min
Verizon DBIR
Getting Started with VERIS
We did a webcast with @hrbrmstr and @gdbassett from the Verizon team last week,
discussing how to get started with VERIS, the Vocabulary for Event Recording and
Incident Sharing.
If you joined us, thanks for coming out. We've attached an Excel spreadsheet
with a couple of examples to help you get started at VERIS level 2, a couple of
layouts to consider using... and we will be providing some updates. Special
thanks to Judy Nowak for her hard work on the spreadsheet -- be looking for a
blog post from her
7 min
CISOs
Security Budget Tips, from CISOs, for CISOs
CISO Series: Budgeting
I have provided a brief overview of the genesis of the CISO series
[/2015/10/27/introducing-the-ciso-blog-series], and now it is time to tackle our
first topic: security budgets. Whether you're the CISO of a large public company
or leading security at an early-stage startup, rich in headcount or forced to be
tight with the purse strings, reporting into the CIO, COO, or elsewhere in the
organization, the fact remains that budget conversations are among the most
critical and
2 min
Verizon DBIR
What is VERIS?
Data-driven security is all the rage, and laughably few of us encode and analyze
our programs… and for good reason. It isn't easy. This post will talk about
VERIS, a framework for describing security incidents in a precise way.
We all have a plan, a security program, compliance regulations, and super busy
calendars—but what is working? The answer is hidden in plain sight, it just
needs to be analyzed. And this is why we all love the DBIR.
If you aren't familiar with Verizon's DBIR (Data Breach
4 min
Events
The Black Hat Attendee Guide Part 5a - The Magic of People
Joining us for the first time? This post is part of a series that starts right
here [/2015/07/13/the-black-hat-attendee-guide-part-1].
So this post is a bit of a bonus. I've asked my dear friend Quinton Jones
[https://www.linkedin.com/in/quintonjones] to share some wisdom and inspiration
on how he injects passion and energy into his introductions. He's simply
unforgettable, one of the greatest customer champions and business development
folks I know, thanks to his passion for people. Please enj
5 min
Events
The Black Hat Attendee Guide Part 7: Your Survival Kit
Joining us for the first time? This post is part seven of a series that starts
right here [/2015/07/13/the-black-hat-attendee-guide-part-1].
Hacker Summer Camp is no joke, and you've got to have a game plan when you head
for Vegas. If you don't travel frequently, this is for you.
Ignoring sartorial conundrums and basic hygiene, this post is focused on keeping
your body operating at peak… or at least somewhat operational.
Vegas: It's nothing like home for most of us. Desert allergens, low humi
10 min
Events
The Black Hat Attendee Guide Part 6: The Sponsor Hall, Arsenal, and more
If you are just joining us, this is the sixth post in the series starting here
[/2015/07/13/the-black-hat-attendee-guide-part-1].
Conferences are magical and serendipitous. YouTube can't capture the electricity
you remember in the room as you tell someone “I watched Barnaby jackpot an ATM,”
as others echo back “I was there that year too!”
At technical conferences, the content leads the way—it is what brings us to the
show. Catching up on that research and work being done at “the tip of the
5 min
Events
The Black Hat Attendee Guide Part 5 - Meaningful Introductions
If you are just joining us, this is the fifth post in the series starting here
[/2015/07/13/the-black-hat-attendee-guide-part-1].
Making An Introduction
I might be wrong, but I'll argue that networking is a transitive verb, so
ENGAGE! The real magic starts happening as you progress:
* Level 1-- Start with a “Hi, my name is… ” Yes, it's that simple, thanks to
Slim Shady [https://youtu.be/dQw4w9WgXcQ?t=43s]
* Level 2-- Demonstrate that you have an idea of the world the other person
live
7 min
Events
The Black Hat Attendee Guide Part 2 - The Briefings
If you are just joining us, this is the second post in the series starting here
[/2015/07/13/the-black-hat-attendee-guide-part-1].
Content is king. Research is what binds us, and you should not be surprised that
some of the best in the game focus their annual research calendar on the Black
Hat USA CFP. Offensive security research is the tail that wags the dog—many
vendors and architects spend the year trying to get back in front of some of the
bombs dropped at Black Hat each year.
There's a
3 min
Events
The Black Hat Attendee Guide, Part 1 - How to Survive Black Hat
If you're like me, you have wanted to go to Black Hat
[http://blackhat.com/us-15/] for ages. If you're going, have a game plan. For
first timers, this series will be a primer full of guidance and survival tips.
For returning attendees, this will help maximize your experience at Black Hat.
First, I want to give you perspective on my bias, coloring guidance offered
here. My slant is that of someone who was a booth babe (sales engineer), a
speaker, an attendee, Review Board member and former Gen
4 min
Securing Credit Lines: Eating Our Own Dogfood
We InfoSec (or cybersecurity) folks, we're full of all kinds of sage wisdom:
“Put a password on your phone, tell it to self destruct after 10 failed
attempts” … check!
“Set up WPA2 on your home network!” … check!
“Install patches as fast as you can!” … (well, as best as I can?) …check!
“Freeze your credit reports!” … static
“Dogfooding [http://en.wikipedia.org/wiki/Eating_your_own_dog_food]” (verb,
slang) is a term used to reference a scenario in which a company uses its own
product to va
5 min
Heartbleed War Room - Product FAQ
Quick reference links before we dive in:
* Heartbleed Vulnerability Resources
[http://information.rapid7.com/heartbleed-vulnerability-resources.html]
* Heartbleed War Room - FAQ [/2014/04/11/heartbleed-war-room-faq]
* Using Nexpose to stop the bleeding
[/2014/04/10/using-nexpose-to-stop-the-bleeding-scanning-for-cve-2014-0160]
* Metasploit's Heartbleed scanner module
[/2014/04/09/metasploits-heartbleed-scanner-module-cve-2014-0160]
Following up on our Heartbleed War Room webcast f