Here are a few of the media clippings from the past years. I have had the pleasure of being interviewed multiple times to media outlets around the world and discuss findings, general security and technology topics, express my opinions on ongoing matters, and speak at conferences.
First of all - the easiest: my current blog. Older posts under the former Finjan and Aladdin are a bit harder to find as both were acquired and renamed, while losing the original blogs.
For a summarized view of most of my publications through different media outlets over the years you can view this Google Archive Search.
If you'd like to inquire about a speaking opportunity, I'm usually booked 2-3 months in advance, but feel free to email me or use my contact form. Note that at a minimum travel and acommodations should be covered, along with a negotiable speaker honorarium.
|2017||July||Keynoted CyberWeek in Tel Aviv, speaking about securing the Cloud [Video]
|2016||July||Featured on Vice's Cyberwar in an episode focusing on China as a subject matter expert.
|June||Keynote for BSidesClevalend
ShowMeCon in St. Louis, Missoury - Social Media Risk Metrics
Area41 in Zurich, Switzerland - Social Media Risk Metrics
|April||InfoSecWorld at Orlando, FL - Actionable Threat Intelligence
Featured on CSO Online - Two perspectives on social media for security leaders
|March||RSA Conference - Social Media Risk Metrics.
|February||Zoncon - Amazon's Security Conference. Keynote speaker.
|2015||December||BSidesDC - Actionable Threat Intelligence
|October||Hacked Opinion - The legalities of hacking on CSO Online
PACE University Cybersecurity Symposium on Threat Intelligence
|September||DerbyCon - Social Media Risk Metrics
|August||Commentary on the Hacking Team breach - CSO Online
BSidesLV Actionable Threat Intelligence
|June||You Shot The Sheriff 9 Sau Paulo, Brazil - Actionable Threat Intelligence
CSA Nordic Summit 2015 - Olso, Norway. Actionable Threat Intelligence
CSO Online coverage on actionable threat intelligence
CircleCityCon 2015 - Indianapolis, Indiana. Actionable Threat Intelligence video.
|May||IT Hot Topics 2015 - Greensboro, North Carolina - Actionable Threat Intelligence
|March||ISTS SPARSA at Rochester Institute of Technology (RIT) - Keynoting the event, and participating in the Red Team
|January||A few notes on the proposed cybersecurity bill on CSO Online
Commentary on the @CENTCOM twitter and YouTube account hacking on DarkReading, SecurityWeek as well as eWeek and SC Magazine
Commentary on SC Magazine about the pro-ISIS hacking of local news stations
|2014||December||Chosen as one of SC Magazine's top experts through the years
Quoted on NBC's Today on the Sony hack
Commentary on the Sony breach on TechNewsWorld
|November||Commentary on the iWorm patch on CIO Magazine
Commentary on the Regin malware on eSecurity Planet as well as SearchSecurity
FeedbackFriday commentary on SecurityWeek Magazine
|September||Derbycon - conducting Red Team Training with Chris Nickerson. Additionally speaking on Painting a Company Red and Blue
|May||Featured on Narrative.ly's article as part of a series "The spies among us": Attack of the Superhackers
|March||Panelist on Fox Business' "Money with Melissa Francis on NSA surveillance and President Obama's meeting with tech CEOs.
Panelist on Fox Business' "Money with Melissa Francis" on power grid security.
|February||Featured on Fox Business' "Money with Melissa Francis" on Chip-and-PIN (EMV) security.
|2013||November||Featured on CNN Money's "How Corporate America fights hackers".
|September||Seeing red in your future? and Red Team Training at Derbycon.|
"Cyber" security - all good, no need to worry? at SecurityZone. Interview with ComputerWorld.
|July||Red Team Testing Training at BlackHat USA 2013
|March||ZonCon at Amazon's HQ in Seattle: SexyDefense in the forest
|January||NCSC Symposium SexyDefense, and Red Team Training
Alt-S at The Hague, Netherlands
|2012||December||SecurityZone 2012 in Cali, Colombia: SexyDefense
|September||DerbyCon Training, and speaking on SexyDefense (video)
Brucon Red-Team Testing class with Chris Nickerson
|July||BlackHat USA Briefings 2012 presented SexyDefense - Maximizing the home-field advantage
BSidesLV presenting SexyDefense
V3.co.uk: Black Hat: Businesses at risk from over-reliance on automated tools, researchers warn (pfd).
SC Magazine: Black Hat: Security pros must evolve their defensive strategy.
MIT Technology Review: Hey, Hackers: Defense Is Sexy, Too (PDF).
NakedSecuity (Sophos' blog): Black Hat - SexyDefense, maximizing the home-field advantage.
|May||YSTS (You Shot The Sheriff) conference, Sao Paolo, Brasil. Sexy Defense
|April||Source Boston - presented a talk: "Sexy Defense"
Also at Source Boston - Red Team Testing training.
DarkReading article on the SexyDefense talk. (PDF)
InfoWorld article covering Sexy Defense. (PDF)
Midsize Insider SexyDefense coverage.
Fierce CIO SexyDefense coverage.
IRANIAN CYBER THREAT TO THE U.S. HOMELAND Quoted as a source for a congressional hearing.
|March||HackCon, Oslo, Norway. Advanced Data exfiltration
|January||Calcalist article on the recent hacking events in Israel [Print version]
Channel 1 news article on the recent hacking events in Israel
Govcert.NL Symposium - Adavnced data exfiltration - the way Q would have done it
Source Barcelona - presenting a talk on advanced data exfiltration
HashDays - "Pushing in, and pulling out slowly without anyone paying attention", and management sessions speaker.
Brucon presented a talk on advanced data exfiltration, APT and red-team testing (Video)
BSides Las-Vegas presented 2 talks on VoIP botnets and Advanced Data Exfiltration
DefCon 19 Participated in the DCG & Hackerspaces panel and talked about VoIP botnets and data exfiltration
Dark Reading coverage of the Advanced Data Exfiltration talk (local cache)
Galatz Radio interview on Cyber Security threats, and international diplomacy
Security BSides Vienna / NinjaCon 11
23rd Annual FIRST Conference
National greek news article on Athcon (Greek)
Athcon 2011 security conference
|May||People's Daily Online article. (English version of Chinese news) cached
PenTest Magazine article on how to avoid meaningless pentests
SOURCE Boston security conference
Featured article on the Pentest Magazine
DC9723 Introduction to the Penetration Testing Execution Standard
ISDPodcast interview covering Security-Art's annual report, FAIR and the pentest standard (cached mp3)
TheMarker coverage of our annual report (print edition)
Featured on CyberwarfareZone
Sophos' Naked Security blog guest post
BerlinSides hacker conference
CSA-IL Conference - Intro to the technology showcase.
DeepSec conference in Viena.
International Conference on Cyber Terrorism hosted by the ICT at IDC Israel.
CSFI Stuxnet report published with my contribution (also on the CSFI page)
NATO's CCD-COE (Cooperative Cyber Defence Center Of Excellence) strategy setting workshop. Subject matter expert for creating NATO's cyber strategy for 2011.
Brucon 2010 and the video (please use a mirror!)
SOURCE Barcelona and a brief interview
EuroTrashSecurity podcast (Microtrash 10) mp3
FIRST 2010 Interview (mp3)
DefCon 18 (updated with Video and the slide deck)
InfoSec Daily podcast
22nd FIRST Conference
CSO Forum Magazine
ISDPodcast interview (cached mp3)
AthCon (Athens, Greece)
El Pais (Spanish) local pdf copy
Global Security Mag (French)
BlackHat EU 2010 Presentation slides and whitepaper
|March||Exotic Liability podcast|
|2009||November||ExcaliburCon (WuXi, China)
|September||HackerHalted conference (EC Council @Miami)
|July||DefCon 17 (updated with video)
|April||The IET (Video interview)
|March||MiddleGround (e-Crime congress UK publication)
What to buy for Business
01 Informatique (French)
|January||What to buy for business
The Web2.0 Attack Vector - white paper
|October||BlueHat Security Conference at Microsoft HQ in Redmond, WA
De Beveiligingsupdate (Dutch - podcast in english at 23:10 minutes)
|May||San Francisco Chronicle (Different spokesperson named for the company)|
Mag Securs (French)
DefCon 15 talk