Latest Event Updates

Summer STEM for Kids

I’ve got a new post on the Internet Storm Center about teaching kids coding and electronics during the summer. Come check it out.

Mapping Attack Methodology to Controls

I’m handler for today and I’ve got a post up about mapping controls. One of the key points is to make sure you do this for each attack method you respond to.

BSides Augusta Slides

Had a great time at BSides Augusta 2016. Here’s my slide deck, ir-awakens.

Keeping IR Focused

I’m handler of the day at the ISC. I’ve got a write-up on how to keep your IR team focused on what matters by having a chart to map where to get the best data for what they are looking for.

522 Error Code for the Win

I’m ISC Handler for the day. Stop by the site and see my latest post about using HTTP error code 522 to detect infected machines.

Kippo Honeypot Cousin Cowrie

I’m ISC handler of the day and I’ve got a great post on setting up AppArmor, SQLite3, and DShield with Cowrie. Please drop by ISC and check it out.

Incident Response for Tomcat

I’m Handler for today at the Storm Center and I’ve got a new post about doing IR on a compromised Tomcat system with XOR.DDOS installed on it. Come check it out.