Category: Uncategorized

  • Backpacking In Europe – Two Weeks Of Flights 2021

    This is somewhat of a “stream of consciousness” diary of my EU Flight Trip – 10/25/21-11/8/21. Yes, it’s long (sums up over 40 hours of flying), and veers off the security/hacking/risk content typically here. But it’s a new hobby for me, and I do find it fascinating and teaching – especially how to approach a…

  • Random CSO Musing

    One of the biggest challenges of running a security organization is balancing the ongoing efforts, with strategic directions, all while keeping the “pressure” on to increase the maturity across the prioritized elements that give you the most risk reduction over time. Seems like a bunch of management words, I admit, but it’s truly one of…

  • Dumpster fires and security incidents

    Full disclosure: this post isn’t about security per se. It’s here because of recent conversations I’ve had with people from outside the immediate security “industry” who wondered about Equifax from a technical perspective, but mostly from a “WTF are these guys smoking” one ;-). I’m also happily not selling any of this (although I did in…

  • PTES, remaining impartial, and insisting on high standards

    The PTES (Penetration Testing Execution Standard) is a standard that a small group of highly motivated and passionate practitioners have created (and yours truly). As such, it is designed to define how a penetration test should be executed – from start to finish. We tried not to skip a single element. We worked tirelessly to make…