As you can guess, I have written a lot of fun security stuff over the years. I’ve been “liberating” my content for the community to read, starting from presentations (via Slideshare).
Now, I am releasing most of my old paper content as well:
Feel free to check these periodically as I will be adding old papers from my collections for a long time (they also get auto-dumped to Twitter). BTW, I am doing it despite the fact that some of my writing from 2002 is quite embarrassingly naive :-) But I never, ever misspelled HIPAA! Never!
Notable papers released:
- Automated Incident Handling Using SIM (now known as SIEM :-))
- Log Data Mining /awesomeness alert! :-)/ - and related presentation on log data mining.
- Where Logs Hide: Logs in Virtualized Environments
- Discovery of Compromised Machines
- Trends in database log management
- Buy vs. Build vs. Outsource: What’s Your Best Log Management Strategy? – and related presentation on the same subject.
- [very old, but still fun piece] On covert channels
- PCI DSS Myths – and related presentation on PCI myths
- “Security First” or “Compliance First”
- All presentations – they are pretty much all fun!
Go dig thru it, but keep in mind, old security stuff gets stale fast. So, while reading it, keep this in mind.