xianshield

Look on the presentation page for a condensed version of a presentation on how to arm security investigators with tools. Read More...

We presented on "Arming Security Investigators" and shared how to build a comprehensive security response architecture, saturated with intelligence. You can find the presentation on the presentations page.

Speaking with Patrick Gray at the Western Canada Security Conference in Edmonton, Calgary, and Vancouver during the week of June 14th

Will present a 2-hour session based on our book at Cisco Live in Las Vegas next month. The talk is BRKSEC-3061, and features the lumberjack-bearded Chris Fry along with me, his co-author.

The book is: Security Monitoring: Proven Methods for Incident Detection on Enterprise Networks. Here are the links:

Official Page
Amazon

Presentation for FIRST 2009 in Kyoto Japan Read More...

Presentation on how to prevent gaps in your security monitoring infrastructure, presented at Triangle InfoSecCon and hopefully at FIRST 2009 in Kyoto, Japan. Read More...

Presentation on how to setup your security monitoring systems, presented at FIRST and Networkers. Read More...

I delivered a new talk on "taming media and messaging" that addresses how parents can filter media for their families. It addresses things like Internet content filtering, Facebook, Myspace, and the V-Chip You can find 2 forms of the presentation on the Presentations page. You'll find a slidecast at the church web site. Read More...

I'm pleased to say there have been some good reviews of SQL Injection Defenses. Gregory Wilson reviewed it as part of his Short Cuts review for Dr. Dobb's Journal: Short Cuts. Robert Atkinson has reviewed it on the PHP London site: Book Review - SQL Injection Defences. I like how Robert Atkinson changed "defenses" to "defences". :-) Read More...