Earlier this year, I sent out a tweet requesting some hoodie recommendations and received a lot of great suggestions. So many, in fact, I had a hard time deciding. …

No one asked me, but I’m going to share my opinion anyway — I’ve got to mention Apple Arcade first, as it comes just on the heels of Google’s Stadia announcement. It’s terrible timing for them — Stadia promises to be revolutionary, whereas it’s tougher to see the attraction of Apple Arcade. Even if Google over-reaches, I think they’ve at least gone after…

Or, “how to run a small security con in 7,406 simple steps!” — This is part 1 of… I don’t know how many parts there will be. We’ll see how far it goes and how helpful readers find it. A few things have happened recently that spurred me to write this post. First, BSides Knoxville’s 5th annual event is happening in a few…

For the first time in many years, I’m not at the US RSA Conference. It’s expensive and packed, but the vast majority of the cybersecurity industry (especially on the vendor side) make the trek out to San Francisco’s Moscone Center for the show. When I joined 451 Research as an…

An ode to the humble power of the office microwave — Background: Mark is a friend of mine and recently posted about how a client’s break room smelled strongly of cat food. This reminded me of the story I’ll relate here. Let me tell you a story about Mike. I worked with Mike at a small regional ISP that got bought…

One thing that’s bothered me about the security industry is our propensity to immediately seek commercial solutions to our problems. Often, these commercial solutions are designed to become part of our daily security routines: they have dashboards, alerts, and other features. They have configurations or rulesets that need to be…

After tweeting about AlienVault getting acquired by AT&T, I received a private message with the following question: What does an M&A of a company like AlienVault typically mean for services partners? Instead of answering directly, I thought a general brain dump of how I research and approach acquisitions might be…

And yes, this is a ‘good news’ sort of acquisition — Honestly, the only bad thing that comes to mind when I think about our acquisition, which has already been a few months in the works now, is that Kyle and I (and our customers) will miss the Savage name and brand dearly. We spent a LOT of time building our…

Lessons I learned trying to make the most of vendor briefings — I’ve always been a sort of ‘cut-to-the-chase’ kind of guy. I’m self-taught when it comes to security and technology. Over the years, I’ve learned how to skim through a book, article or website to extract the important information. …