• An Information Security Place Podcast – 01-22-14
    Comments Off on An Information Security Place Podcast – 01-22-14

    Jim, Dan, and Michael have a lot of catching up to do. We talk about a lot of stuff because a lot of stuff has been happening. From RSA, NSA, QSAs… security is busy! Show notes below! Show Notes: InfoSec News Update – 123456 is the new best of the worst – Link RSA Conf…

    Read more
  • Giving Grammy security advice
    Comments Off on Giving Grammy security advice

    So Grammy got a computer. No, not my Grammy. Just some random Grammy out there got a computer. How do I know? Because someone who set up her computer wanted their family to know that Grammy got a computer and now could get emails. So that person sent out an email to “Mom” and a…

    Read more
  • An Information Security Place Podcast – The HouSecCon 2013 Episode
    Comments Off on An Information Security Place Podcast – The HouSecCon 2013 Episode

    Quick show this time. Jim, Dan, and Michael are all at HouSecCon 2013 in Houston, TX on October 18. They found a quiet room away from all the conference noise and recorded a fast podcast. Jim and Dan talk about their talks, and Michael talks about the fun and stress of being the HouSecCon organizer….

    Read more
  • An Information Security Place Podcast – 09-06-13
    Comments Off on An Information Security Place Podcast – 09-06-13

    We’re in rare form today. A lot of fun sprinkled with the occasional good nugget of information security news and discussion. Show Notes: InfoSec News Update – New OSX Metasploit Module or Time is not on your Side! – Link If your session belongs to a user with Administrative Privileges (the user is in the…

    Read more
  • For All Parents – My First Day of School Sermon
    Comments Off on For All Parents – My First Day of School Sermon

    I put this on Facebook today, and I wanted to share it here on my blog. I have very strong feelings about this if you can’t tell. ******************** From me as a parent to other parents: A lot of people are celebrating the first day of school today. For those of you genuinely celebrating your…

    Read more
  • An Information Security Place Podcast – 8-20-13
    Comments Off on An Information Security Place Podcast – 8-20-13

    We’re back to work. Show Notes: InfoSec News Update – Scan the Entire Internet in less than 45 minutes!! – Article Link and tool link Zuckerberg’s Profile Hacked – Link FDA Issues Guidelines on Wireless Medical Devices – Link OWASP Top 10 Update – Link Malware Sandboxing Not Working – Link Sparty: MS Sharepoint and…

    Read more
  • New talk – The Solution vs The Silver Bullet
    Comments Off on New talk – The Solution vs The Silver Bullet

    I have developed a new presentation that I gave for the first time yesterday at the Texas Technology Summit in Houston. The title and synopsis are below. Title: The Solution vs The Silver Bullet (or InfoSec Industry != InfoSec Practice) Synopsis: The information security industry and information security practice are two concepts that should not…

    Read more
  • Innovation Sandbox at RSA – a Lesson in Security AND Oratory Skills
    Comments Off on Innovation Sandbox at RSA – a Lesson in Security AND Oratory Skills

    While attending the 2013 RSA Conference last week, I took a chance and attended the presentations in the Innovation Sandbox Showdown. If you haven’t been to these or aren’t familiar with them, this is where security startups show their wares to a panel of venture capitalists and infosec experts for the title of “Most Innovative”….

    Read more
  • An Information Security Place Podcast – Episode 04 for 2012
    Comments Off on An Information Security Place Podcast – Episode 04 for 2012

    Holy crap, we recorded an episode. That’s all I got to say about that… Show Notes: InfoSec News Update – Howard Schmidt is Retiring – Link Here Vulnerability Stats of Publicly Traded Companies – Link Here Tool Update – Threadfix from Denim Group – Link Here The Mission Impossible Self-Destructing SATA SSD Drive – Link…

    Read more
  • An Information Security Place Podcast – Episode 03 for 2012
    Comments Off on An Information Security Place Podcast – Episode 03 for 2012

    Today’s show is Michael interviewing Kevin Riggins. Kevin is an Enterprise Security Architect for a Fortune 500 financial services company. Kevin and Michael have some great conversation about Kevin’s job, what he is doing at RSA, where he blogs, the book he coauthored, etc. (look below in the show notes for links to everything). Then…

    Read more
  • An Information Security Place Podcast – Episode 02 for 2012
    Comments Off on An Information Security Place Podcast – Episode 02 for 2012

    Thanks go to Jeremiah Grossman for sitting down with Michael for some great discussion. Jeremiah is the CTO at Whitehat Security and a very well known figure in the InfoSec industry. Jeremiah and Michael talk about Hawaii, sharks, security philosophy, RSA, stage fright, Jeremiah’s TED talk (not published as of the posting of this entry),…

    Read more
  • Symantec’s latest statement on source code theft
    Comments Off on Symantec’s latest statement on source code theft

    This is from a local Houston Symantec source, but is widely available to everyone. Current on date of posting. We’ll see what shakes out. “Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued. The code involved is…

    Read more
  • Security Lesson from A Mouse Story
    Comments Off on Security Lesson from A Mouse Story

    I was going through some old blog posts, and one I found contained the following story: Mouse Story A mouse looked through the crack in the wall to see the farmer and his wife open a package. “What food might this contain?” The mouse wondered – he was devastated to discover it was a mousetrap….

    Read more
  • An Information Security Place Podcast – Episode 01 for 2012
    Comments Off on An Information Security Place Podcast – Episode 01 for 2012

    Wow! 6 Months…and 2 job changes later, we are finally back to recording! YEAH!….Here the latest show from our intrepid hosts. Show Notes: InfoSec News Update – The Hacker News Hacking Awards : Best of Year 2011 – Link Here Japan’s Anti-Virus Virus – Link Here Nginx (pronunciation: “engine-ex”) becomes #2 web server Saudi hackers…

    Read more
  • Quit publishing my info. I said stop! Now!
    Comments Off on Quit publishing my info. I said stop! Now!

    My wife and I homeschool, so we include our kids in a lot of extracurricular “stuff” to hopefully keep them well-rounded. One of the things my oldest son does is take a Lego engineering class at a small local school that caters to homeschoolers. Last year, when we first signed up for the school, we…

    Read more
  • Viewing InfoSec from another angle – a personal reflection
    Comments Off on Viewing InfoSec from another angle – a personal reflection

    A while back I tweeted about my acceptance of the Security Technology Advocate role at Accuvant. To be clear, I am not going to be fully transitioned into the role until Jan 1, 2012. But I have been doing some work in the new gig, and I have already experienced a lot of changes on…

    Read more
  • Be an InfoSec Berean
    Comments Off on Be an InfoSec Berean

    In the Bible (no, this is not a sermon – yes, this is InfoSec relevant), there was this group that Paul ran into called the Berean Jews. (Acts 17:10-15 if you want to look it up). These Bereans were shown in the scriptures to be diligent people who checked the facts. Verse 11 says: Now the…

    Read more
  • An Information Security Place Podcast – Episode 07-2011
    Comments Off on An Information Security Place Podcast – Episode 07-2011

    Today we have an interview for you. Michael had a great time sitting down with four gentlemen (they might not all agree with that term) from SpiderLabs over at Trustwave. The aforementioned SpiderLabs folks were Nicholas Percoco (@c7five), Steve Ocepek (@nosteve), Matt Jakubowski (@jaku), and Zack Fasel (@zfasel) – those are Twitter aliases for you…

    Read more
  • An Information Security Place Podcast – Episode 06-2011
    Comments Off on An Information Security Place Podcast – Episode 06-2011

    A lot of discussion in this episode. And what is more funny is Dan actually cuts Jim off on a subject. Yes, you heard it right. The famous “Web Security Minute Turned to 20 Minutes” Dan makes Jim stop talking. I guess the end of the world IS here! Oh, and Dan leads us into…

    Read more
  • An Information Security Place Podcast – Episode 05-2011
    Comments Off on An Information Security Place Podcast – Episode 05-2011

    I am tired of making excuses about us being late, so here is friggin’ episode #05-2011. Have fun! Show Notes: InfoSec News Update – HouSecCon 2011 update – Registration is open – Link Here Michaels Breached due to Card Skimmers – Link Here Dropbox saga continues (and heads to the feds) – Link 1 /…

    Read more
  • An Information Security Place Podcast – Episode 04-2011
    Comments Off on An Information Security Place Podcast – Episode 04-2011

    Hey, all three of us are here, and on schedule…. somebody check the temp outside Show Notes: InfoSec News Update –   TexSecConTriangle.com coming soon – HouSecCon, BSidesDFW, and LasCon Gonzales Update – Link Here Dropbox Pwnage –Link Here TX exposes 3.5 Mill records – Link Here Yet another Security Company Fail – Link Here…

    Read more
  • An Information Security Place Podcast – Episode 03-2011
    Comments Off on An Information Security Place Podcast – Episode 03-2011

    So it took a bit longer this time due to scheduling, and bodily harm on Michael’s part… but we finally got another episode recorded. Enjoy. Show Notes: InfoSec News Update – HouSecCon 2011 – Call for Papers is still On The Data Breach Final Four Bracket – Link Here Watching the Fall Out….Again – RSA…

    Read more
  • An Information Security Place Podcast – Episode 02-2011
    Comments Off on An Information Security Place Podcast – Episode 02-2011

    We have a little bit of innuendo humor on this episode, and we all break into some hysterics (it’s all in the geek toys section, so fast forward if you want to hear all that). Around that is some information and opinion on InfoSec stuff. We figured we would throw that in there because of…

    Read more
  • InfoSec is a Waffle (just like life)
    Comments Off on InfoSec is a Waffle (just like life)

    I was running through some Twitter posts from some friends / colleagues / random InfoSec folks, and I saw one from Jack Daniel that led me to his latest blog post.  In the post, Jack quickly covers the topic of preaching to the choir and staying in our own infosec echo chamber.  He says it…

    Read more
  • An Information Security Place Podcast – Episode 01-2011
    Comments Off on An Information Security Place Podcast – Episode 01-2011

    Thomas Jefferson said, “Delay is preferable to error.” Martin Luther said, “Who waits until circumstances completely favor his undertaking will never accomplish anything.” So depending on which quote you like, we either took a long time to record a new episode so we would do it right, or we are just a bunch of slackers….

    Read more
  • An Information Security Place Podcast – Episode 37
    Comments Off on An Information Security Place Podcast – Episode 37

    All three of us are on this time. Some good talk about disclosure and web app firewalls, and Google, and some other stuff. Enjoy! Show Notes: InfoSec News Update – Web App Firewall Discussion Continues – Link 1 / Link 2 / Link 3 / Link 4 Good Ole’ Firmware Hack – Link Here Small…

    Read more

Back to Top