After a long time of no updates, I’m finally back to a “normal” schedule, but as always – there’s some new project that emerges from just being around extremely smart people and accessibility of alcohol…
So, during an exciting tweeting session at the SecurityZone green room (which is never green BTW), where all of us geeks were relaxing and instead of actually talking to each other (again – we are all in the same room), we were exchanging gestures and an occasional snicker as we “discussed” things on twitter. At one point, the question of “why on earth can’t we make defense as sexy as we managed to make offense?” (in the context of information security of course).
That started what we call “SexyDefence”.
The parties to blame are: James Arlen, Stefan Friedly, Chris Nickerson, David Kennedy, Wim Remes, Dave Marcus, Chris John Riley, Georgia Weidman, and yours truly. We managed (in 30 the 30 minutes we had before we went back to “normal” con business and ran a panel on SexyDefence) to set up a space where this new initiative would be panned out. Here are the main points (just a beginning) of what we consider as the SexyDefence “manifesto” 🙂
0. Rediscover your passion for the job you have instead of whining about the job you donâ€™t have.
1. Wake the fuck up and learn how your company works (for realz â€“ not just the techie stuff)
2. Use everything you have. whatever the â€œbadâ€ guys use is fair game for u as well. research vulns on attack toolsâ€¦
3. Intelligence. Gather it. On you, on your threat communities. Now use it. Intelligently.
4. You have more information at your disposal than you think (logs. Lots of them). Figure out a way to use it.
5. Remember that itâ€™s the users (humans) that will screw you up. Make sure your â€œplansâ€ include dealing with them (not just tech)
Feel free to take a look (and as always contribute – see PTES) here:Â http://wiki.doinginfosecright.com/index.php?title=Main_Page
p.s. – Yes, I figured that a picture of the local model Bar Refaeli in uniform would be better that the one used on James’ blog of RightSaidFred…