Collaborate Disseminate
I’ve completed the TaoSecurity Blog book series.The new book is The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship. It’s available now for Kindle, and I’m working on the print edition. … Continue reading New Book! The Best of TaoSecurity Blog, Volume 4
What are the origins of the names TaoSecurity and the unit formerly known as TAO? IntroductionI’ve been reading Nicole Perlroth’s new book This Is How They Tell Me the World Ends. Her discussion of the group formerly known as Tailored Access… Continue reading The Origins of the Names TaoSecurity and the Unit Formerly Known as TAO
PropositionDigital offense capabilities are currently net negative for the security ecosystem.[0]The costs of improved digital offense currently outweigh the benefits. The legitimate benefits of digital offense accrue primarily to the security one perc… Continue reading Digital Offense Capabilities Are Currently Net Negative for the Security Ecosystem
Introduction I published a new book!The Best of TaoSecurity Blog, Volume 3: Current Events, Law, Wise People, History, and Appendices is the third title in the TaoSecurity Blog series. It’s in the Kindle Store, and if you have an Unlimi… Continue reading New Book! The Best of TaoSecurity Blog, Volume 3
There’s a good chance that if you’re reading this post, you’re the member of an exclusive club. I call it the security one percent, or the security 1% or #securityonepercent on Twitter. This is shorthand for the assortment of people and organizations w… Continue reading Security and the One Percent: A Thought Exercise in Estimation and Consequences
Just what are “tactics”?IntroductionMITRE ATT&CK is a great resource, but something about it has bothered me since I first heard about it several years ago. It’s a minor point, but I wanted to document it in case it confuses anyone else.The MI… Continue reading MITRE ATT&CK Tactics Are Not Tactics
I was so pleased to read this Tweet yesterday from Greg Rattray:”Back in 2007, I coined the term “Advanced Persistent Threat” to characterize emerging adversaries that we needed to work with the defense industrial base to deal with… Since … Continue reading Greg Rattray Invented the Term Advanced Persistent Threat
The FBI intrusion notification program is one of the most important developments in cyber security during the last 15 years. This program achieved mainstream recognition on 24 March 2014 when Ellen Nakashima reported on it for the Washington Post … Continue reading The FBI Intrusion Notification Program
I published a new book!The Best of TaoSecurity Blog, Volume 2: Network Security Monitoring, Technical Notes, Research, and China and the Advanced Persistent ThreatIt’s in the Kindle Store, and if you’re Unlimited it’s free. Print edition to follo… Continue reading New Book! The Best of TaoSecurity Blog, Volume 2
By Richard Bejtlich, Principal Security Strategist, Corelight This post contains a warning and a solution for anyone using BPF syntax when filtering traffic for network security monitoring. Introduction I have been writing material for the Zeek docume… Continue reading Mixed VLAN tags and BPF syntax