Bugcrowd, for anyone not familiar, is a managed crowdsourced bug bounty service. They’re getting into penetration testing and released a report to sell the benefits of this service versus traditional penetration testing. The report is found here. Disclaimer: I am a penetration tester, and admit some bias. I have some limited experimented with bug bounties. Read more about Crowdsourced penetration testing[…]
I’ve resisted as long as I could. It’s futile. My home, and likely yours, has been slowing filling with small, internet connected devices. These include voice-controlled smart speakers like the Amazon Alexa, Google Home, appliances, smart thermostats, cameras, smart light bulbs, smart plugs, smart everything. They’re called “internet of things” or IoT for short. Yet, Read more about The Internet of Risky Things[…]
This post contains notes, links and slide images from my Cybercrime presentation (BSides Greenville and ISSA meetings). There are many books and reports that were used for the research of this talk. The statistics were cited in the respective slide. I hope you find these resources useful in your daily security or they may prompt Read more about Cybercrime Notes and slides[…]
I’ve traveled for work and have seen some crazy things out there. In most cases, I think people just seem to let their guard down. We are so focused on what we’re doing that we don’t notice all the nosy people around or the risks we take. We completely forget where they are among others Read more about Security While Traveling[…]
The Security Top Ten List is my annual guide of security topics for everyone to make the most improvement to their security with the least effort and cost. This is the “low hanging fruit” and is your opportunity to be proactive. Security is a byproduct of our digital lives, and this is an effort to Read more about The Security Top Ten List – 2017[…]