My Writing

• Training Presentations, Webcasts and Speaking Engagements
• Authentication Critical Log Review Checklist for Security Incidents
  This checklist covers log review for incident response and routine monitoring: copy logs centrally, minimize noise by removing benign entries, verify timestamps, focus on changes and failures, work...
• Cheat Sheets Security Incident Survey Cheat Sheet for Server Administrators
  This cheat sheet helps server administrators examine suspect systems to decide whether to escalate for incident response. Avoid actions that access many files; look at logs, network connections,...
• Malware Wish-List for Endpoint Anti-Malware Products
  Endpoint security products should be unobtrusive by auto-tuning UI complexity based on user proficiency and only interrupting for critical alerts. They should baseline browsing patterns to flag...
• Privacy Teens on Formspring Are Redefining Privacy Norms
  Sites like Formspring encourage teens to answer personal questions that mirror password-reset security questions—favorite colors, restaurants, and pet names. As privacy norms change and more personal...
• Malware 4 Steps To Combat Malware Enterprise-Wide
  Enterprise malware defense follows four phases: Plan by understanding infection vectors and prioritizing targets; Resist using enterprise management systems to deploy controls at scale; Detect...