14 Talks I Would Like to Attend This Summer

Here is just a quick list, off the top of my head, of some of the topics I would like to see someone do talks about at security events this summer. If you are in need of a research topic, or something to dig into for a deep dive, give one of these a try. Who knows, maybe you will see me in the audience. If so, then feel free to sit down for a cup of coffee and a chat! 

Here’s the list, in no particular order:

  1. machine learning,  analytics in infosec
  2. detection capabilities with nuance visibility at scale
  3. decision support from security analytics & automated systems based on situational awareness
  4. rational controls and how to apply them to different industries
  5. crowdsourcing of policies and processes – wiki-based approaches
  6. internal knowledge management for security teams
  7. tools for incident response beyond the basics
  8. tools and processes for business continuity after a breach – show us your guide to “Ouchies!”
  9. attacker research that is actually meaningful and that does NOT revolve around IOCs
  10. skills and capability mapping techniques for security teams and their management
  11. new mechanisms for log management and aggregation beyond Splunk & SEIM – how would the death star handle logs?
  12. near-real time detection at a meaningful level – even better if admins can make decisions and take actions from their iPhone/iWatch, 😛
  13. extrusion/exfiltration testing capabilities & metrics-focused assessment approaches for testing exfil robustness
  14. network mapping and asset discovery techniques and tools – how would the death star map their IT networks? 🙂
Give me a shout on Twitter if you want to explore these together – @lbhuston.

Tor Video from Derbycon 4 Available

Thanks to Iron Geek and the Derbycon staff for making my presentation from this year available. 

The talk covered discussions about Tor Hidden Nodes and how crime works inside of the Tor network. Check the talk out here.

There is a lot of good stuff here, and they turned people away from the talk because we over-filled the room. Now, you can actually sit comfortably and watch it. 🙂

Message me on Twitter (@lbhuston) if you want to discuss. Thanks for reading and for watching!

Make Plans Now to Attend Central OH ISSA Security Summit 2014

Brent will be speaking again this year at the ISSA Security Summit in Columbus

This year he has an interesting topic and here is the abstract:

A Guided Tour of the Internet Ghetto :: The Business Value of Tor Hidden Services

Following on the heels of my last set of talks about the underground value chain of crime, this talk will focus on a guided tour of the Internet Ghetto. You may have heard about Tor, the anonymizing network that rides on top of the Internet, but this talk takes you deep inside to visit the slums, brothels & gathering places of today’s online criminals. From porn to crimes against humanity, it is all here.

This talk will discuss Tor hidden services, help the audience understand what they are, how they operate, and most importantly, how to get business and information security value from them. If you think you know the dark side of the net, think again! Not for the feint of heart, we will explain some of the ways that smart companies are using hidden services to their benefit and some of the ways that playing with the dark side can come back to bite you.

Take aways include an understanding of Tor, knowledge of how to access and locate hidden services and underground content, methods for using the data to better focus your business and how to keep an eye on your kids to make sure they aren’t straying into the layers of the onion.

 Come out and see us at the Summit and bring your friends. It’s always interesting and a great event to catch up with peers and learn some amazing new stuff. See ya there!

Come Out and See Us at NE Ohio Security Summit

Brent will be speaking at the NEO Security Summit again this year. He will be concluding his set of presentations on the History of Cybercrime and Toffler’s Cell Theory as its basis. TheSummit is October 24-25, 2103 in Westlake, Ohio. 

Brent speaks on Thursday at 1:15 PM in “The Champagne Room A”. (Get the thought out of your mind.. You know what Chris Rock says… NSFW…)

This is the 11th annual Summit for NEO and it has history of being a fabulous, affordable event. Come out and learn some stuff, get a ton of CPEs and re-connect with old friends. You can find out more about the event and register here. 

As always, thanks for reading and we hope to see you at the event!

UPDATE: Looks like I’ll be doing back to back sessions on Thursday at NEO Summit: 1:15 Crime History in Champagne A, 2:30 Defensive Tampering in Bordeax A. Come out and see me. That’s 2 chances in one day to get your heckle on!!!!

Hello from DayCon!

I have spent some time this week at DayCon in Dayton, Ohio. This is a small hacker conference, with attendance by invitation only. This year the event was focused on attack sources, emerging trends and new insights into the cutting edge of dealing with cyber-crime across many vertical markets and countries.

I speak later today, and I am focusing on the history of cyber-crime, the crime stream, the criminal value chain and how information coalesces before an attack. I look forward to my talk, especially given how engaged the crowd has been thus far with the other speakers. The hallway conversations have been great! 

Lots of variety in the speakers here, with professors, researchers, hackers and even some ICS/SCADA folks in attendance. Lots of good insights floating around and even a few new product ideas!

I’d highly suggest you check out DayCon next year.

PS – Also, looking at the calendar, we are prepping for DerbyCon next week. Come out and see us there. I will be speaking on the Stolen Data Impact Model (SDIM) project and other topics. Plus, as usual, we will be haunting the halls and swinging from the rafters! 🙂 See you in Louisville! 

Thanks for Another Great ICS/SCADA Security Symposium



Thanks to all who helped make the ICS/SCADA Security Symposium fantastic again this year. Great conversations, excellent content and such friendly discussions among peers and concerned parties. 

Next year, we plan to open the event to attendees from throughout the midwest and hope to get even more participation from manufacturing and those who support critical infrastructures. 

Thanks again for all of the hard work that Connie, Chris and the rest of the organizers did to make the event possible. Most of all, thank you for attending, participating and trusting us (and each other) to create such an amazing process of open dialogue. You are all heroes in my book!

Thanks to NEOISF & Ohio State Office of the CIO


Last week we had a great time in Cleveland speaking at the North East Ohio Information Security Summit. Thanks to the folks who came out to hear us speak and to the great staff of NEOISF for making the event such an amazing thing for all who attend. We look forward to next year!

Thanks, as well, to the Ohio State University office of the CIO. We were pleased to participate in the Information Security Day sponsored by the university and Battelle. Thanks to all who attended that event with the threat of Hurricane Sandy looming large. It was a fantastic interaction with some of the next generation of infosec folks and some of the awesome members of the CMH InfoSec community. Thanks for having us participate and especially for asking us to keynote. 

The slide decks for both of these talks are available by request. If you would like to have a copy or set up a time to discuss them, have them presented to your team or engage with us about the content either drop us a line in the comments, reach out on Twitter (@lbhuston) or give your account executive a call at (614) 351-1237 ext 215.

Some pictures from the events are available here:

2012 10oct 25 dsc 0065 smaller

















NEO Summit – Picture courtesy of Greg Feezel (Thanks Greg!!!)

Ohio State Information Security Day

NE Ohio Security Summit – Come Out & See Us!

The NE Ohio Security Summit kicks off tomorrow and runs through Friday evening. Chris Lay (@getinfosechere) and myself (@lbhuston) will be in attendance. I will be speaking on Thursday afternoon about Detection in Depth and some other models for doing nuance detection around the enterprise. 

While you are there, check out the booth of Managed HoneyPoint partner Hurricane Labs, and hit Chris up for a cup of coffee and a friendly discussion about our services, partnerships and engagements.

We look forward to a great event and give much thanks to the folks who put this amazing Summit together. They are an awesome team, with a ton of great help and a can-do attitude. Their hard work and dedication is what makes this one of the best Summit events of the year. Stop them in the hall and give them a big thanks for all they do!

As always, thanks for reading. If you mention you read the post and use the code word “snazzy” when you come up to chat, I just might have a little special treat for you. 🙂

PS – My talk is in Bordeaux B at 2:30 PM Eastern. See ya there!