I presented at 44con 2014 on moving security analytics on from network defense and rapid response towards supporting data-driven and evidence-driven security management, my presentation is on slideshare below: Security Analytics Beyond Cyber from Phil Huggins
Security Analysis for Humans
Following a highly enjoyable and usefully challenging conversation with Eric Leandri from Qwant.com I was inspired to consider some guiding principles for conducting security analysis. With an obvious hat tip to the Zen of Python the following is what I am aspiring to meet in the increasingly data-driven security consulting work…
Protecting Information About Networks, The Organisation and Its Systems
I recently wrote a report with a number of colleagues for the Centre for the Protection of National Infrastructure (CPNI) on the Network Reconnaissance phase of a targeted attack following initial exploitation. The report covers what is targeted, how the attackers operate and what controls help. Below is a summary infographic…
Big Data Security Analytics Paper
I wrote this paper with a colleague recently. A practical guide for getting started in Big Data Security Analytics. This should be the first of a series of posts on the application of big data technologies and data science approaches to cyber security. I understand the impact of pervasive mobile,…
Cross-Domain Gateway Functions
Cross-Domain Gateways are a concept from multi-level government and military networks that are increasingly being deployed into traditionally flat commercial networks. I’ve spoken before about ‘trust zones‘ and the concept of choke-points between trust zones concept combined with a view of the threat exposure for each trust zone underlies the…