Skip to content

WindowsTechs.com

Collaborate Disseminate

Menu

Primary menu

  • Home

Author Archives: Richard Bejtlich

Trying DetectionLab

Posted on January 28, 2019 by Richard Bejtlich

Many security professionals run personal labs. Trying to create an environment that includes fairly modern Windows systems can be a challenge. In the age of “infrastructure as code,” there should be a simpler way to deploy systems in a repeatable, virt… Continue reading Trying DetectionLab→

Posted in Docker, nsm, vagrant, Virtualization

Happy 16th Birthday TaoSecurity Blog

Posted on January 8, 2019 by Richard Bejtlich

Today, 8 January 2019, is TaoSecurity Blog’s 16th birthday! This is also my 3,041st blog post.I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone.Here are a few statistics on the blog. Blogger started… Continue reading Happy 16th Birthday TaoSecurity Blog→

Posted in birthday

Notes on Self-Publishing a Book

Posted on December 31, 2018 by Richard Bejtlich

In this post I would like to share a few thoughts on self-publishing a book, in case anyone is considering that option.As I mentioned in my post on burnout, one of my goals was to publish a book on a subject other than cyber security. A friend fro… Continue reading Notes on Self-Publishing a Book→

Posted in announcement, books, topcan, writing

Managing Burnout

Posted on December 21, 2018 by Richard Bejtlich

This is not strictly an information security post, but the topic likely affects a decent proportion of my readership.Within the last few years I experienced a profound professional “burnout.” I’ve privately mentioned this to colleagues in the industry,… Continue reading Managing Burnout→

Posted in philosophy, topcan

The Origin of the Quote "There Are Two Types of Companies"

Posted on December 18, 2018 by Richard Bejtlich

While listening to a webcast this morning, I heard the speaker mentionThere are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.He credited Cisco CEO John Chambers but didn’t provide any source.Tha… Continue reading The Origin of the Quote "There Are Two Types of Companies"→

Posted in history, philosophy, topcan

The Origin of the Term Indicators of Compromise (IOCs)

Posted on November 25, 2018 by Richard Bejtlich

I am an historian. I practice digital security, but I earned a bachelor’s of science degree in history from the United States Air Force Academy. (1)Historians create products by analyzing artifacts, among which the most significant is the written word…. Continue reading The Origin of the Term Indicators of Compromise (IOCs)→

Posted in history, indicators, Mandiant, philosophy, topcan

Even More on Threat Hunting

Posted on November 24, 2018 by Richard Bejtlich

In response to my post More on Threat Hunting, Rob Lee asked:[D]o you consider detection through ID’ing/“matching” TTPs not hunting?To answer this question, we must begin by clarifying “TTPs.” Most readers know TTPs to mean tactics, techniques and proc… Continue reading Even More on Threat Hunting→

Posted in indicators, philosophy, topcan | Tagged Hunting

More on Threat Hunting

Posted on November 23, 2018 by Richard Bejtlich

Earlier this week hellor00t asked via Twitter:Where would you place your security researchers/hunt team?I replied:For me, “hunt” is just a form of detection. I don’t see the need to build a “hunt” team. IR teams detect intruders using two major modes: … Continue reading More on Threat Hunting→

Posted in philosophy, topcan, visibility | Tagged Hunting

Cybersecurity and Class M Planets

Posted on November 2, 2018 by Richard Bejtlich

I was considering another debate about appropriate cybersecurity measures and I had the following thought: not all networks are the same. Profound, right? This is so obvious, yet so obviously forgotten.Too often when confronting a proposed defensive me… Continue reading Cybersecurity and Class M Planets→

Posted in philosophy

Have Network, Need Network Security Monitoring

Posted on October 25, 2018 by Richard Bejtlich

I have been associated with network security monitoring my entire cybersecurity career, so I am obviously biased towards network-centric security strategies and technologies. I also work for a network security monitoring company (Corelight), but I am n… Continue reading Have Network, Need Network Security Monitoring→

Posted in nsm, philosophy, visibility

Post navigation

← Older posts
Newer posts →

Primary Sidebar Widget Area

Infocon Status

Internet Storm Center Infocon Status

Recent Posts

  • James Webb Space Telescope Discovers How Black Holes Feed Themselves July 19, 2026
  • Robot ‘Decapitated’ in World’s First-Ever Humanoid UFC Fight July 19, 2026
  • Recycling Laptops and iMacs Makes PC Building Fun and Affordable Again July 19, 2026
  • Windows 10 Still Being Used, Often Unpatched and Insecure July 19, 2026
  • From the Editor’s Desk: Mid-2026 Health Check-In Update ⭐ July 19, 2026

Tag Cloud

Agriculture Alzheimer's Disease Art Audio Automation Bluetooth Building and Construction Campervan Camping Cancer Coronavirus (COVID-19) Cycling Dementia Diabetes DNA Electric Vehicles Food Home House Huawei Indiegogo MIT Mobility Moon New Atlas Audio NVIDIA Off-grid Off-road Pedal-assisted Photography Physics Radio Repair RV Samsung Satellite Sony SpaceX spoofing sustainable design The Immune System Tiny Footprint Training Water Zoom

Archives

  • Facebook
  • Twitter
  • Linkedin
  • Email
Copyright © 2026 WindowsTechs.com. All Rights Reserved.
Theme: Catch Box by Catch Themes
Scroll Up