Sign in


Anyone can have a bad day. Take for example, in professional baseball, the league’s top-performing pitcher. This pitcher could be unhittable for most of the season, but then have a single game where he just can’t find the strike zone or the opposing team is hitting and scoring with ease. Yesterday, the CDN provider Cloudflare, had a bad day as the experienced a service outage resulting in about 30 minutes of downtime for customers. In baseball, the root of the problem for a bad day is mental, which is not easily avoidable. However, in technology, we stand a better chance…

The HoneyDB project continues to evolve to make it easier for developers, security researchers, and network defenders to deploy honeypots on the Internet. As a new step forward in this evolution, I’m happy to announce the HoneyDB Agent is available as a 1-Click deployment in the DigitalOcean Marketplace! Within minutes you can deploy a honeypot and quickly start collecting threat information for research or to help protect your Internet-facing assets from malicious sources.

DigitalOcean has always been a cost-effective, easy to use, cloud platform and their new 1-Click deployment option makes it even easier to deploy.

Photo by VADIM GHIRDA/AP — source

With Internet exposed web applications prompt mitigation of CVE (Common Vulnerabilities and Exposures) is critical. When a new CVE has been announced the response drill is all too familiar to InfoSec teams. First, evaluate the details of the CVE to determine if any of their applications are impacted. In many cases, it’s a scramble to try and discover if the vulnerable framework or code is even being used in their environment. Next, Google searching to find any proof of concept (PoC) exploit code that may have been published. …

Photo by Lorenzo Herrera on Unsplash

We do a lot to protect our homes. After all, the home is meant to be our safe place, where we can find comfort and have privacy. To protect our safe place we have fences, locks on doors, alarm systems with sensors, surveillance cameras, and even video doorbells. Oh, and let’s not forget man’s best friend, guard dogs. We apply all these protections to keep our things, and more importantly, our family safe. Who doesn’t want to protect their home? However, with the volume of computers and consumer IoT devices we welcome into our homes, we’ve created a digital backdoor…

Photo by Pawel Janiak on Unsplash

In early Fall of 2018, I drafted a cybersecurity predictions article for 2019, which was published by DARK Reading. Since drafting the article I have seen various reports of incidents that confirmed some of the items I talked about. While we are still only just getting started in 2019, I want to take a quick look at some of these incidents to see how my outlook for 2019 faired. Finally, I’ll briefly touch on a hot political topic that was not predicted, the US government shutdown and its potential impact on cybersecurity.

If you’d like to read full article of…


Does malware analysis peak your interest? Are you looking for sources of malware for research, or just to practice your craft? Honeypots are a great way to identify sources of malware. There are numerous honeypots available that will help you find or even capture malware samples. However, in this post I want to show how this can be done using HoneyDB and related tools. By using HoneyDB you can get up and running quickly, and you’ll be contributing honeypot data back to the community.

The steps described in this post are:

  • Creating a HoneyDB account.
  • Deploying and configuring a HoneyDB…

Dear RASP,

It is finally time for me to write you this letter. When we first met you were something new and exciting. I had never seen anything in application security (AppSec) like you before. You were a different and promising solution to mitigate the risks we all worry about as AppSec practitioners. When you told me your name, Runtime Application Self-Protection (RASP), and what you did, all I could say was “wow!” I sure did want to get to know you better.

But the more I got to know you, the more I realized things between us would not…

Early last year I published a fun tool called sigsci-sounds for users of Signal Sciences — my prior blog post can be read here. Sigsci-sounds monitors attack and anomaly data and will play a sound for each type of attack or anomaly. Rather than trolling logs or staring at dashboards, let your web application tell you when it’s being attacked. In this post, I want to let you know about several improvements to sigsci-sounds.

Photo by Spencer Imbrock on Unsplash

The Remix Specifics

First off, you can find sigsci-sounds on Github here. Written in Go, sigsci-sounds was one of my first projects to start learning Go — and also…

Having the privilege to work with so many great enterprise customers has its benefits. One great benefit is you are always learning something new. With a diverse set of organizations operating in different ways and seeking to solve different problems, having to learn something new is unavoidable.

In this blog post, I want to share a very simple and helpful availability metric I learned about while responding to a customer’s request. This metric is called aggregate availability, and it comes straight out of Google’s seminal book on the subject, Site Reliability Engineering. …

Application Security in a DevSecOps world

Signal Sciences offers tremendous capabilities to defend web applications. I’m not talking just about how it defends against the usual suspects like OWASP injection attacks. I’m talking about how Signal Sciences Power Rules gives you the flexibility to easily define rules on the fly, so you can react to threats in real time. Given how much our customers have taken advantage of Power Rules, — over 20% of our customer traffic includes Signals created to surface unique application use and abuse — the need for this capability is real. …

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store