Pass the Hash (PTH) is one of the most potent exploits in the hacker arsenal for gaining system administrator privilege and compromising an entire enterprise network. Why? Because PTH can be successful simply by compromising a single machine. PTH works by extracting credential information from the computer’s memory. Any credential present on the computer is […]
Due to the BYOD and cloud computing trends, as well as to the presence of insider threats and sophisticated overseas adversaries, the enterprise network perimeter is a myth. That is, you can’t depend on an internet firewall to protect the critical data that defines a business. What can you do? Effective data protection requires layers […]
Big thank you to CARTES America 2014 for hosting my presentation, Using NSA Tradecraft to Protect Data on Mobile Devices. And who doesn’t love visiting Las Vegas before it gets really hot? All of the slide decks from CARTES America 2014 are available here.
Network security requires both top-down and bottom-up thinking. Read more about securing network endpoints in the 25th edition of the JW Secure Informer.
Reminder to those attending RSA in San Francisco this week: the below session is this morning and is free to Expo pass holders. In addition to the 10am panel, we’ll also be demonstrating the JW Secure StrongNet solution interoperating with a Continuous Monitoring agent from Microsoft Trustworthy Computing. Consistent with the theme of the TCG […]
Get Proactive with Security: Using Trusted Computing to Free Security Resources for the Day-to-Day Fires
Coming to RSA in San Francisco this year? The conference organizers would like to remind you that there is compelling content on the first day of conference, Monday, February 24, 2014. And an expo pass is enough to get you into these… any you get a free lunch! I’ll be participating in the following moderated […]
The secret to protecting big data isn’t to put it under a big tarp. Or to guard it with a big dog. No! The secret to protecting big data is encryption. And you don’t even need big encryption. Just regular encryption will do it. Information security is all about the basics: access control, authorization, confidentiality. […]
My Microsoft MVP-ness got renewed for the sixth consecutive year! I’ve been keeping busy. Check out my public MVP profile; it lists the technical community-oriented activities that have made me worthy.
Our rock star technical team has just grown to include fellow ex-MSFT colleague Jeff Sigman! Jeff started at Microsoft in 1997 and spent most of his 16 year career in the Windows division focused on networking and security. His work can be seen in every major Windows release since Windows 2000 and included software development […]
Thank you very much to the NYU-Poly THREADS conference organizers for hosting the DARPA Cyber Fast Track presentations yesterday. It was an honor to be among the CFT awardees, and an honor to be on the THREADS list. If you missed my presentation and/or want to review the slide deck, it’s below. Secure Endpoints, Secure […]