Derbycon
This was originally posted on blogger here. I had a great time talking about graph theory and infosec at Derbycon 3.0. Derbycon is an incredible gathering and I am honored to have been a part of it. ...
read more
Information Security Analytics Blog
By applying science to security we help our partners build their security programs based on facts rather than feelings. Follow our blog for the latest case studies and projects.
July 29, 2013
Cyber Attack Graph Schema (CAGS) 1.0
This was originally posted on blogger here. While the concept of attack graphs has been discussed, once thing that is lacking is a standard definition for an attack graph. ...
read more
July 12, 2013
Disincentivizing Delaying Risk Mitigation
This was originally posted on blogger here. There is an ongoing issue in infosec: the never-ending risk. This is a risk that infosec has identified but the project would rather not mitigate. ...
read more
June 21, 2013
Tied in Silk Ropes - A subtler way to infosec
This was originally posted on blogger here. After reading the Infosec Jerk's Problem blog, I wanted to suggest another way of dealing with the constant struggle between infosec and the rest of the organization. ...
read more