Info Loss

Faced with a bit of a challenge recently: I had a large (multi-megabyte) packet capture file from Wireshark and needed to extract informatio...

A while back, I read a blog post at the SANS Internet Storm Center (ISC) handler's diary, " There's Value In Them There Logs ...

Generally, authorization security (determining whether a subject has access to data) is based on labels. For example, file pathnames determ...

Many years ago, I was privileged to hear Marcus Ranum speak at a conference for our regional NSFNet member network. At the time, I was of th...

The Verizon Data Breach Report 2012 (pdf) has been released. The information security industry owes Verizon gratitude for the amount of dat...

This year, my schedule at the RSA Conference 2012 was much different than previous conferences. As a speaker, I spent quite a bit of time pr...

I'm scheduled to present "Data Breaches and Web Servers: The Giant Sucking Sound" at RSA Conference 2012 - session DAS-204 on...