"If you spend more on coffee than on IT security, you will be hacked. What's more, you deserve to be hacked - Richard Clarke"
Welcome

Russ McRee's HolisticInfoSec.org is dedicated to sharing information security content and resources in an open, clear manner, with the hope of helping improve infosec for all who seek to do so. Information security is best broken down to the most simple components: best practices and common sense. The threat-scape facing an information security practitioner is perpetually dynamic; we must adapt and evolve as do those threats. Holisticinfosec.org endeavors to aid in that process through dynamic content and timely topics in ISSA Journal's toolsmith. As well we know, those who would do harm never rest: protect your own.

 

Twitter Button

 

Practice simplicity
Seek to be proactive, rather than reactive
Think creatively, but adhere to standards
Employ best practices
 
2011 Toolsmith Tool of the Year
Merry Christmas and Happy New Year!
It's that time again.
Please vote here  to choose the best of 2011, the 2011 Toolsmith Tool of the Year.
We covered some outstanding information security-related tools in 2011; which one do you believe is the best?
I appreciate you taking the time to make your choice.
You can review all 2011 articles here  for a refresher on any if the tools listed in the survey.
Results will be announced February 1, 2012.
 
Presenting Evil Though the Lens of Web Logs at RSA 2012

RSA

Russ will present Evil Though the Lens of Web Logs at RSA 2012, March 2, 2012, 11:20 am. The session ID is HT2-403 and the room is Red 104.

 

Web logs can be analyzed with specific attention to Internet Background Radiation (IBR). Two bands of the IBR spectrum include scanning and misconfiguration where details about attacker and victim patterns are readily available. Via web application specific examples this discussion will analyze attacks exhibiting traits, trends, and tendencies from the attacker and victim perspectives.

 

   
 
toolsmith
January's toolsmith features a ZeroAccess malware analysis with OSForensics from PassMark Software.
toolsmith offers insights on tools useful to the infosec practitioner, typically open source and free.
The ISSA Journal is available to members in print and online at issa.org. Article copies are available on the toolsmith page.