by Charles Herring | Jul 29, 2020 | blog, InfoSec Craft, Inside WitFoo, WitFoo Coding
Slides of our talk can be downloaded here. Details on the session are available here: https://exploitcon.com/#/west AGENDA Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting...
by Charles Herring | Mar 3, 2020 | blog, InfoSec Craft
To the Surgeon Later today I am headed to see my surgeon to schedule a proceedure. I need to have a surgery that is going to leave me off my feet for a week or more. My family will have to pick up the slack at home and my co-workers will have to take on my share of...
by Charles Herring | Feb 20, 2020 | blog, InfoSec Craft, InfoSec How-To, Uncategorized, WitFoo Story
Last year, I spoke at 26 security meetings and conferences. I learn the most when I’m in the field with my heroes. If you have a local meeting or conference that would benefit from any of these topics, let us know and I’ll do my best to show up. Bio...
by Charles Herring | Oct 29, 2019 | blog, InfoSec Craft, Inside WitFoo
Abstract Developing software that changes the world, exceeds customer expectations, provides turn-key functionality in diverse scenarios while meeting security and compliance requirements is the holy grail of Security Development Operations (SECDEVOPS). There are...
by Charles Herring | Oct 23, 2019 | blog, InfoSec Craft
Recording of Presentation Downloads My deck on Breaking NBAD & UEBA Talk given at DEFCON & GRRCON (2019) can be downloaded here: download link. The script referenced in the talk can be viewed on the Pastebin dump. Abstract Network Behavior Anomaly Detection...
by Charles Herring | Nov 9, 2018 | blog, InfoSec Craft, InfoSec How-To
We are often asked how we are able to calculate metrics as described here: And demonstrated/explained here: In this installment I will explain how you can calculate Return on Investment of any security tool using reclaimed FTE labor hours as the purchase...
