Following the Wh1t3 Rabbit - Practical Enterprise Security

Enterprise Security organizations often find themselves caught between the ever-changing needs of the agile business, and the ever-present, ever-evolving threats to that business. At the same time – all too often we security professionals get caught up in “shiny object syndrome” which leads us to spend poorly, allocate resources unwisely, and generally de-couple from the organization we’re chartered to defend. Knowing how to defend begins with knowing what you’ll be defending, why it is worth defending, and who you’ll be defending from… and therein lies the trick. This blog takes the issue of enterprise security head-on, challenging outdated thinking and bringing a pragmatic, business-aligned, beyond the tools perspective … so follow the Wh1t3 Rabbit and remember that tools alone don’t solve problems, strategic thinkers are the key.

Rafal (Principal, Strategic Security Services)

Here a box, there a box, everywhere a box … breached

Did everyone (who went) enjoy RSA Conference 2014? Did you get caught up in the hype! hype! hype! of the thing, or did you find some real value? Here's my take on the conference, and some of the key lessons I took away this year...

Operationalizing Security Intelligence - Talk Slides from DerbyCon 2013

I spoke at DerbyCon 2013 recently, and for those interested - here are the slides from that talk.

Labels: conference

Black Hat Europe 2012 - Day 3 - Some thoughts on sandboxes

I've always found sandboxes interesting, particularly from a cost-benefit analysis perspective.


As a developer you should be writing good code, period.  But when the pace of developing new functionality outpaces the ability to do complete software security analysis we see security organizations turning to sandboxing as a method of limiting the amount of damage an exploited piece of code can do.  Just ask Adobe if you want a good example.


Does it make sense to spend time designing, coding, testing and deploying a sandbox, when the real issue is in the underlying application you're trying to protect the operating system from?  I'll let you answer that for yourself.

3 Key take-aways from Amsterdam [Black Hat Europe 2012]

This blog is coming to you live from Amsterdam, one of my favorite cities in all the world for its laid-back attitude, it's brilliant culture, and history beyond books.  The conference has grown again, and I'm having a great time learning, meeting, and presenting - but as always, long after memories of presenters and topics fade I will remember the hallway conversations, the between-talk discussions and new friends being made.  On that thread, thought it would be appropriate to give you a Top 3 list of things I think are key take-aways from this year's Black Hat Conference here in Europe, in case you're not here right now.

About the Author(s)
Follow Us
Twitter Stream

Community Announcements
HP Blog

Technical Support Services Blog

The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation