I've had the pleasure of spending yesterday and today (and I'll be here
tomorrow too) at the 2010 CodeMash conference in Sandusky, at the spectacular
Kalahari resort (if you've never been here, its way worth it). We attended
the "precompiler" presentations yesterday, and have been to 3 presentations
so far today. While the conference seems very heavy on the Microsoft and Ruby
fronts (almost every presentation has had C# or Ruby code, some of them have
had both), there's a lot of good stuff to come away with anyways.
For example, the two presentations we attended yesterday discussed
test-driven development, something I'd never experienced before. In addition,
the presentations both discussed the merits of OOP, specifically when
narrowing classes down to one particular function each. This was something
I'd encountered before, but never really understood -- why would I w... (more)
No matter what facet of information security you're in, from being the CISO
down to just installing security patches and keeping up to date, there will
probably be a point where you need to see the details of a hack. Maybe it's
because you need to fingerprint what it does or how it acts on your network.
Maybe it's because you need to be able to reproduce it in a penetration test.
Either way you look at it, sometimes you just need to test something out.
Obviously, this could go one of a few ways. You could execute these hacks on
your network. This could lead to potentially bad out... (more)
Sales – Listen to the Customer
By: Matt Yonchak
Before you read any further in this post please take five minutes to read
Why I Am Leaving Goldman Sachs
As an IT security consultant/MSSP/whatever you want to call third-party
security provider, the second I started reading that article I immediately
began drawing comparisons to the current landscape of IT security companies.
Too many times I’m brought into a company to discuss a need that they have
that relates to security and I’m confronted with “Well Company X told us
to purchase this technology and that would solv... (more)
A few months ago, we released a tool called check_splunk_license to the world
(under the GPL at the time, but as of 4/19/2012, alternatively available
under the MIT license). Since then, the check was adopted by Luke Harris for
use in the Splunk for Nagios app for Splunk. We promised way back when that
we’d add additional checking for the expiration of licenses, and now I’m
here to tell you we’ve made good on that promise. But there’s more to the
update than just expiration monitoring…
The reason we originally released check_splunk_license, you may recall, was
in direct response... (more)
Ohio LinuxFest 2012 – Reflecting on Fun
By: Dru Streicher
Another Ohio LinuxFest has come and gone, yet the level of ingenuity I
witness every year never ceases to amaze me. There were two presentations
that stood out as the highlights of my weekend.
The first presenter, Daniel Thau, demonstrated his new distribution called
Bedrock Linux. I’ll admit it, the cynic in me was saying, “great just
what we need, another distro.” I thought of all the distributions flying
around today and wondered what could be so special about this one. Boy was I
wrong! Bedrock Linux is unique: it pull... (more)