Saturday, February 28, 2009

Podcast Appearances

I had the pleasure of being a guest on two security podcasts this week. Wednesday night I was a guest on the Securabit podcast. I talked to the Securabit crew about the future of the Sumo Linux Project. Thursday night I was a guest on PaulDotCom Security Weekly. I did a technical segment on imaging memory called Memory Analysis: The Good vs. The Bad.

I will be talking more about both appearances soon.

Thursday, February 19, 2009

DojoSec Monthly Briefings - March 5, 2009

We are proud to announce the next DojoSec March 5th, only two weeks away!

We have a GREAT line up of dynamic speakers to include Marcus J. Ranum, Walter Barr, Sean Morrissey. Please be sure to mark your calendars and tell your friends!

Topics will include:

Marcus J. Ranum - Cyber War is B!)*&#!

There has been a great deal of irresponsible and inaccurate talk about "Cyber War" in the last decade in spite of the fact that it's technologically and militarily impractical. Its counterpart, "Cyber Espionage" makes a bit more sense, and is less mythical but falls under the category of "nothing new." In this presentation we'll look past the hype at the reality of "Cyber War".

Walter Barr & Sean Morrissey - iPhone Forensics

This presentation explains the various ways copy all data off of iPhones and the tools used to view the data. With the increased sales of iPhones across the United States and Europe, the number of iPhones that hold evidence in investigations will increase substantially. These tools include Access Data FTK, Guidance Software EnCase, X-Ways Forensics, Subrosasoft Mac Forensics, Black Bag Technologies Forensic Suite, and Paraben Device Seizure.

Some of the great advancements we in the process of making are:

1. Revamping the website (posting video's, papers, blogs, etc)
2. Looking for topics that are important to you. Please let us know topics that you like to know more about.
3. Roundtable discussions between industry experts

As a community of security professionals we are dedicated to bring you the best and brightest minds in the industry.

Tuesday, February 17, 2009

Follow DojoSec on Twitter

Twitter is being used by many organizations to keep people up to date on events. DojoSec will be providing information on all its events via Twitter. DojoSec can be followed on Twitter @dojosec.

People can also sign up for our newsletter to register for DojoSec Monthly Briefings.

Tenable's Marcus Ranum appearing on March 5, 2009 - Columbia, Maryland

Marcus J. Ranum is a world-renowned expert on security system design and implementation. He is recognized as the inventor of the proxy firewall, and the implementer of the first commercial firewall product. Since the late 1980's, he has designed a number of groundbreaking security products including the DEC SEAL, the TIS firewall toolkit, the Gauntlet firewall, and NFR's Network Flight Recorder intrusion detection system. He has been involved in every level of operations of a security product business, from developer, to founder and CEO of NFR.

Since joining Tenable in 2004, Mr. Ranum has been Chief Security Officer at Tenable, maker of the world renowned Nessus Vulnerability Scanner and Unified Security Monitoring enterprise solution. At Tenable, Mr. Ranum is responsible for research in logging tools, product training and product/best practice evangelism. In addition, Marcus is instrumental in the design of Tenable's Unified Security Monitoring enterprise solution.

Prior to Tenable, Mr. Ranum had served as a consultant to many FORTUNE 500 firms and national governments, as well as serving as a guest lecturer and instructor at numerous high-tech conferences. In 2001, he was awarded the TISC "Clue" award for service to the security community, and the ISSA Lifetime Achievement Award. Mr. Ranum was most recently senior scientist at Trusecure Corp., an international risk management firm. He serves as a technology advisor to a number of start-ups, established concerns and venture capital groups.

Tuesday, February 10, 2009

The Next Generation of Security Professionals

Wow, Shmoocon 2009 was great! I made a short post a couple of weeks ago about the value of Twitter. Shmoocon solidified my belief in Twitter. I met several Security Twits at Shmoocon and I found that we already had rapport based on tweets (messages on Twitter).

The thing I take away from Shmoocon is how refreshing it was to see the next generation of security professionals. I honestly learned more outside in the hallways and firetalks than in the official accepted talks. It was an unbelievable networking opportunity. This is coming from someone who tweeted, "Why do people go to hacker conferences?" a while back.

I made the most of the opportunity and met as many people as possible. I made many connections at Shmoocon that I know will last long-term. There are plenty of hard working "hackers" that are just as concerned about security as any "CISSP" I've ever met. These are brilliant people who don't necessarily conform to conventional wisdom.

Now, that's my type of people. These people are the future of national security and we need to listen to them in order to defend our country, seriously. I look forward to attending more "hacker" cons in the near future.

P.S. Props to Mubix for setting up Podcasters Meetup and Firetalks.

-MJC