Information Security Analytics Blog

By applying science to security we help our partners build their security programs based on facts rather than feelings. Follow our blog for the latest case studies and projects.

post-thumb
September 29, 2013

Derbycon

This was originally posted on blogger here. I had a great time talking about graph theory and infosec at Derbycon 3.0.  Derbycon is an incredible gathering and I am honored to have been a part of it. ...

read more
post-thumb
July 29, 2013

Cyber Attack Graph Schema (CAGS) 1.0

This was originally posted on blogger here. While the concept of attack graphs has been discussed, once thing that is lacking is a standard definition for an attack graph. ...

read more
post-thumb
July 12, 2013

Disincentivizing Delaying Risk Mitigation

This was originally posted on blogger here. There is an ongoing issue in infosec:  the never-ending risk.  This is a risk that infosec has identified but the project would rather not mitigate. ...

read more
post-thumb
June 21, 2013

Tied in Silk Ropes - A subtler way to infosec

This was originally posted on blogger here. After reading the Infosec Jerk's Problem blog, I wanted to suggest another way of dealing with the constant struggle between infosec and the rest of the organization. ...

read more

LET’S WORK TOGETHER