My Writing
- Training: Introduction to Malware Analysis - Free Recorded Webcast
- Tools: More Than a Hammer: Expanding the Information Security Toolbox
  Security programs over-focus on networks and systems because infrastructure is most practitioners' background. The toolbox needs domain expertise in business functions, data analytics for measuring...
- Leadership: Presentations, Webcasts and Speaking Engagements
- Authentication: Critical Log Review Checklist for Security Incidents
  This checklist covers log review for incident response and routine monitoring: copy logs centrally, minimize noise by removing benign entries, verify timestamps, focus on changes and failures, work...
- Cheat Sheets: Security Incident Survey Cheat Sheet for Server Administrators
  This cheat sheet helps server administrators examine suspect systems to decide whether to escalate for incident response. Avoid actions that access many files; look at logs, network connections,...
- Malware: Wish-List for Endpoint Anti-Malware Products
  Endpoint security products should be unobtrusive by auto-tuning UI complexity based on user proficiency and only interrupting for critical alerts. They should baseline browsing patterns to flag...