Best Practices
HolisticInfoSec
Posted on August 3, 2018
| 2 minutes
| Russ McRee
Kevin Mitnick, in his book The Art of Intrusion, offers sound and succinct advice:
Ensuring proper configuration management is a critical process that should not be ignored. Even if you properly configure all hardware and software at the time of installation and you keep up-to-date on all essential security patches, improperly configuring just a single item can create a crack in the wall.[1]
So what defines a "best practice"?
Processes and activities that have been shown in practice to be the most effective.
[Read More]
Events
HolisticInfoSec
Posted on August 3, 2018
| 8 minutes
| Russ McRee
HolisticInfoSec.io’s Russ McRee speaks regularly on information security topics in the hope of sharing knowledge and resources with a wide audience.
Past Events
(ISC)2 Security Congress DFIR Redefined: Deeper Functionality for Investigators with R
October 29, 2019
Secure Iowa Conference 2019 Keynote
October 8, 2019
Derbycon 7 DFIR Redefined: Deeper Functionality for Investigators with R
September 2017
BSides Augusta 2017 Keynote
September 16, 2017
Emcee at Microsoft’s BlueHat v14, Redmond, WA, October 10, 2014
[Read More]
In The News
HolisticInfoSec
Posted on August 3, 2018
| 2 minutes
| Russ McRee
Digital Guardian 08/5/2020 Top 50 InfoSec Blogs You Should Be Reading
JAGWIRE NEWS August University 08/25/2017 Augusta University to host cybersecurity conference
12 WRDW 07/03/2017 Organizers prepare for this year’s Augusta Cyber Week
Reciprocity Labs 04/25/2017 69 Information Security Blogs You Should Be Reading
E&E News 10/06/2015 GRID: Friendly hackers break into a utility and make a point
Idaho Statesman 11/18/2014 Hackers are having their way, nearly unchecked
Digital Guardian (Verdasys) 10/22/2014 Top 50 InfoSec Blogs You Should Be Reading
[Read More]
Publications
HolisticInfoSec
Posted on August 3, 2018
| 3 minutes
| Russ McRee
HolisticInfoSec.org’s Russ McRee writes regularly regarding information security topics in the hope of sharing knowledge and resources with a wide audience.
February’s toolsmith snapshot focuses on network-wide ad blocking via your own Linux hardware with Pi-hole.
Older article copies, particularly from September 2015 through August 2018 are available here and older PDF copies prior to September 2015 are available here.
Award winning toolsmith offers insights on tools useful to the information security practitioner, typically open source and free.
[Read More]
Simplicity
HolisticInfoSec
Posted on August 3, 2018
| 2 minutes
| Russ McRee
Employ simplicity as a tool used to keep your systems running securely and efficiently. Simplicity helps eliminate network clutter, performance issues, cost, and reduces risk. Give yourself the space to step back, analyze and test carefully to ensure all your systems and networks meet a secure standard. Streamlining processes greatly enhances uptime and quality of service, as well as aiding in secure systems.
Bruce Schneier, in 1999, wrote for Information Security, "You can't secure what you don't understand.
[Read More]
Templates
HolisticInfoSec
Posted on August 3, 2018
| 1 minutes
| Russ McRee
Templates for your use in your organizations and endeavors to improve your security posture.
Incident Response Test Plan
Posted on January 1, 0001
| 1 minutes
| Russ McRee, Ph.D.
Presentations
HolisticInfoSec.org’s Russ McRee presents regularly regarding information security topics in the hope of sharing knowledge and resources with a wide audience.
Cloud Security Alliance Seattle Chapter: May 2016 Chapter Meeting Attack & Detect: Red vs. Blue PowerShell 25 MAY 2016
Posted on January 1, 0001
| 1 minutes
| Russ McRee, Ph.D.
HolisticInfoSec
Russ McRee, Ph.D.
Posted on January 1, 0001
| 1 minutes
| Russ McRee, Ph.D.
HolisticInfoSec.io is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in toolsmith.
[Read More]
HolisticInfoSec
Russ McRee
Posted on January 1, 0001
| 5 minutes
| Russ McRee, Ph.D.
Russ McRee writes award-winning toolsmith, published monthly as often as possible. ;-)
As of August 2018, toolsmith is exclusively published via holisticinfosec.io.
From September 2015 through August 2018, toolsmith was exclusively published at the HolisticInfoSec blog.
From November 2006 through August 2015, toolsmith was published in the ISSA Journal.
Thank you for your continued patronage and support.
August 2015 - There Is No Privacy - Hook Analyser vs. Hacking Team July 2015 - Malware Analysis with REMnux Docker Containers June 2015 - IoT Fruit - Pineapple and Raspberry May 2015 - Attack & Detection: Hunting in-memory adversaries with Rekall and WinPmem April 2015 - Rapid Assessment of Web Resources (RAWR!
[Read More]