Publications

March 20th, 2013

I have published several practical papers, as well as several books. I am *very* bad about keeping this page up-to-date with articles and publications, better to Google if you are so inclined. My courseware writing with the SANS Institute is their property, and only available by purchasing/taking a course through them.

Papers
“The Yin and the Yang: A Sordid Tale of Information Security OR DCOM, Netcat, and a Live Response, OH MY!”

Securing the SOHO: A Discussion with a Tutorial of Tiny Personal Firewall 2.0

Implementing an Antivirus system as part of an overall ISO 17799 ISMS

SANS Analyst Program: The Log Management Industry 2005- An Untapped Market
(with Stephen Northcutt, Jerry Shenk, and Leonard Ong)

SANS Analyst Program: The Log Management Industry 2006- An Untapped Market
(with Stephen Northcutt, Jerry Shenk, and Leonard Ong)

SANS Analyst Program: Penetration Testing: Assessing Your Overall Security Before Attackers Do
(with Stephen Northcutt, Jerry Shenk, Tim Rosenberg, Raul Siles, and Steve Mancini)

SANS Analyst Program: Using Security Information Management Systems for PCI Compliance

SANS Analyst Program: Regulations and Standards: Where Encryption Applies

SANS Analyst Program: Leveraging Event and Log Data for Security and Compliance

SANS Analyst Program: Monitoring Security and Performance on Converged Traffic Networks

SANS Analyst Program: Real-time Adaptive Security (Sourcefire)

Article: Simple ways to test Web applications for security (SANS Advisor)

Article: Using Group Policy to configure Windows XP Firewall (SANS Advisor)

Article: Detecting Spyware in HTTP Proxy Logs (SANS Advisor)

Books

Virtualization Security: Protecting Virtualized Environments

Hands-On Information Security Lab Manual

Readings and Cases in the Management of Information Security
(Reading 3: Managing Incident Response)

Courses
Virtualization and Private Cloud Security

Advanced Security Essentials: Enterprise Defender

Comments are closed.