For journalists of all media, please use my PGP key for e-mail communications. Most requests I receive are for validating claims of major security events or vulnerabilities.
About one out of every five events I examine turn out to be fully or partially true. Our little community is increasingly becoming filled with rotten apples.
There is also an assumption of anonymity on my part, with exceptions only in very specific and authorized situations.
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate gets annoying.
30 January 2015 - The first virtual SplunkLive! event, focused entirely on higher education and hosted in partnership with Internet2, was a “smashing success” according to one important attendee. I promised to shave my head if we had more than 100 attendees, so here ya go By the numbers: Registrations: 3…
29 January 2015 - Hello Splunk community and welcome to the 8th installment of Smart AnSwerS! Have you ever had to babysit a dog for a friend and have to completely change your routine to make sure they don’t unleash all heck in your house? Well that’s what my week’s been like with totally different commute tim…
28 January 2015 - Over the past few months, I have been talking to a number of customer and prospects on how they use Splunk. It is fascinating how customers that started with a use of Splunk to monitor website or application have expanded their use of Splunk for Business Analytics. In this blog post, I wanted to…
24 January 2015 - Over the past 7 years Cisco and Splunk have built a broad and multi-faceted relationship. Internally Cisco IT, security, engineering and other teams use Splunk software every day for operational intelligence and security analytics. Cisco shared details at Splunk’s 2014 user conference in a session…
24 January 2015 - In our previous post, and the subsequent Cisco article, we delved into how Cisco Identity Services Engine can be used to enrich operational analytics with Splunk with personal data. Let’s look at a real-world example plus explore the latest Splunk and security integration. At Cisco Live Cisco…
29 January 2015 - Just released:Snort Subscriber Rule Set Update for 01/29/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 58 new rules and made modifications to 16 additional rules. There were no changes made to the snort.conf in this release. Talos woul…
29 January 2015 - Snort++ build 135 is now available. This is the first monthly update of the download on snort.org. You can also get the latest updates from github (snortadmin/snort3) which is updated weekly.Fixes for issues reported from the community:fix cmake issues (reported by Y M)add missing sanity…
29 January 2015 - This post describes the changes to the Http Inspect config option "profile".Snort 2.X allows users to select pre-defined HTTP server profiles using the config option "profile". The user can choose one of five predefined profiles. When defined, this option will set defaults for other config options w…
28 January 2015 - Announced at RSA, Snort 2.9.7.0 with the OpenAppID preprocessor, rule keywords and new features have generated an immense amount of interest in the Snort community.If you are not familiar with OpenAppID, you can check out all of our posts about the subject.We wanted to hold a NEW webinar in order fo…
27 January 2015 - Just released:Snort Subscriber Rule Set Update for 01/27/2015We welcome the introduction of the newest rule release from Talos. In this release we introduced 28 new rules and made modifications to 17 additional rules. There were no changes made to the snort.conf in this release. Talos woul…
For research discoveries and disclosure, I already have a trusted list of journalists. For individuals and groups looking to include me in their efforts, please communicate using my PGP key listed above. Do your due dilligence first. I get a lot of requests and vetting what is legitimate gets annoying.
