Tuesday, October 26, 2010

Help me help you


Warning, this is a rant. Overall I do like my job, and in general I like people. Yet I have to ask: why is it that there are times it is so hard to communicate, and to help someone understand, that there is what I will simply call individual responsibility? This idea is on occasion completely lacking in the minds and hearts of otherwise rational human beings with a basic level of God-given intelligence.

To the user in this state of cluelessness: If you are unable or unwilling to assist your friendly neighborhood IT person/department with such fundamental principles as where you store your work-related files, or what the frig you named a file (even one single word that you are certain was in the file name), then I am sorry to say that you are on your own.

And when it comes to InfoSec and DR/BC the same rules apply. If you don't have the ability to care about where your files are and whether they are being backed up, and you are OK with leaving your password Post-it under your keyboard, then I must advise you that I will find it hard to muster any sympathy or empathy when (not if) you get pwned. In fact it will take every bit of my already limited supply of self-control to not shout I TOLD YOU SO when the inevitable happens.

So the subtext on the t-shirt above reads: because their ignorance is your job security. True that. I'll shut up now...

Sunday, October 17, 2010
Had an all-around good time in Cleveland last week @ the (8th annual) Information Security Summit 2010. I had not previously attended this event, and I was impressed. Good mix of speakers/topics and not too many vendors. I was grateful my employer allowed me to do the pre-conference training Mon/Tue/Wed.

Monday was a pretty good overview of 'next-gen' firewalls. Well, specifically Palo Alto Networks firewalls, but they didn't push their product hard, and the concepts behind application-aware firewalls make sense as a way to have better control of the things you want to allow vs. those you don't.

Tuesday/Wednesday was the highlight of the week for me: Intro to Malware Analysis, taught by certifiable reverse-engineering ninja Tyler Hudak. Tyler works for Richard Bejtlich at a little outfit known as General Electric. The course was very well thought out, with a great curriculum/flow and a good deal of hands-on time with some of the current tools of the trade. Just enough to make me want to do more of this myself, while still realizing that it is an area of InfoSec where keeping skills sharp and moving to the next level is no small feat.

My favorite talk of the conference would have to be David Kennedy's Social Engineering Toolkit demo and evangelism soapbox. Mr. Kennedy created SET, and the demo struck fear in most of the people in the audience, me included. SET is no doubt an amazing tool, and David makes a strong case for SE becoming a standard part of pentesting.