Archive for the ‘Analytics’ Category

The Future of Security Automation.

It is entirely possible I am about to have a flying car moment. Recently I have been asked by a variety of product vendors and security consultancies for my opinions on the future direction of security and where they should be focusing their innovation efforts. I’m honestly not sure why I get asked this, but I enjoy both the sound of my own voice and free lunches, so I’m not complaining. Here is my view on the core of how we will be delivering security in large enterprises in the near-ish future.

Pitfalls of Cyber Data

I jointly presented with Ernest Li at 44con Cyber Security on April 28th 2015, discussing how we use public cyber data and some of the problems we have run into. My presentation is on SlideShare below:

Security Analytics Beyond Cyber

I presented at 44con 2014 on moving security analytics on from network defense and rapid response towards supporting data-driven and evidence-driven security management. My presentation is on SlideShare below:

Security Analysis for Humans

Following a highly enjoyable and usefully challenging conversation with Eric Leandri from Qwant.com, I was inspired to consider some guiding principles for conducting security analysis.

With an obvious hat tip to the Zen of Python, the following is what I am aspiring to meet in the increasingly data-driven security consulting work I am engaged in:

If it’s hard to explain, it’s probably bad analysis.

If you’re not making a decision easier, what’s the point?

Hypotheses without goals are pointless.

Measurement without hypothesis is not analysis.

Explicit and transparent analysis matters.

Beautifully designed output matters.

Readability matters.

I’d love feedback from anyone else working in the field.

Big Data Security Analytics Paper

I wrote this paper with a colleague recently: a practical guide for getting started in Big Data Security Analytics. This should be the first of a series of posts on the application of big data technologies and data science approaches to cyber security.

I understand the impact of pervasive mobile, I get the risks of ‘consumerisation’ and I can see the challenges of cloud, but it’s the opportunities of big data that have me excited about the future of security, both cyber security and traditional information security.