Well recent events have been pretty good.

Georgia signed me on to be her assistant at http://bulbsecurity.com.

Tomorrow I hit the road to AIDE 2013 and present there the day after.

I am sure I can find something to say about the trip when I get back.

 

I waited until now to actually make the announcement, their page is now updated on the net, and my speaker slot is confirmed.

Will be presenting on CCDC and Industry.

http://www.appyide.org/aide-2013-friday-april-19th/

More later.

So, CCDC practice yesterday, competition at state level on February 18th. Things are moving along, should be an interesting time again this year. We (and I) have learned some things over the past year, that should hopefully improve our performance.

ProxMox VE, how did I not know about this earlier? Completely avoided my detection. Work has asked that I do some research on both ProxMox and oVirt. I can say so far, that ProxMox makes handling VMs so much easier than ESXi. In addition, while I haven’t done the testing yet, the videos of operations show some great stuff for high availability, shared storage, LVMs, backups, and other key features. I look forward to finding out how oVirt handles many of these same issues.

ShmooCon is coming up, and while I was invited, financially it is not entirely feasible at the moment, plus the time I would have to be off work, and the travel. So apologies to my good friend Georgia, but I will be with you in spirit.

Security wise, it was sure interesting to find out that Microsoft Security Essentials failed the A/V test. Interesting, but not surprising at all.

While overall the unemployment rate is hovering around 8% (don’t even get me started on that fallacy, the unemployment rate only measuring those that are collecting benefits and not including those who have fallen off the roles at the unemployment offices either due to exhausting their benefits or giving up), in the Info Sec job market, there are very few candidates.

As detailed in the following article, there is a huge demand for people with selected skill sets

http://searchsecurity.techtarget.com/news/2240168981/Lack-of-skilled-security-pros-challenges-CISOs-to-fill-specialties

The United States Army for example is aggressively pursuing professionals for work with its “Cyber Brigade” (http://www.cyberspaceskills.com/positions.htm). In fact the hiring efforts of government agencies such as the military, NSA and others makes it just that much harder for traditional employers to compete and hire valued employees.

 

 

DerbyCon 2.0 ‘The Reunion’

Posted: October 5, 2012 in Uncategorized

Wow!

What a weekend. Let’s see, the presentation was well received. I didn’t have a huge room, and it was early on Saturday after everybody partied on Friday night. Morning talks are notoriously slow at conferences. That being said, those in attendance felt my message had value.

It was fantastic being part of the ‘Reunion.’ Last year our little conference raised over $13000 for hackers for charity (go visit hackersforcharity.org). This year we raised $30001. A massive improvement. HD Moore blew everyone’s mind again. The organizers managed to create an environment about sharing, caring, and improving the situation in InfoSec. I was seriously honored to be part of it. The theme this year could be summed up as ‘family.’ That was the vibe, we were all family.

Georgia’s presentation on the Smartphone Pentest Framework was mind-blowing. Great research. More to think about.

Jayson Street hit some of the same points that I made back at BSides Cleveland in my talk there. Ben Mauch (@ben0Xa) hit on it even more and had some very nice derivatives. There was also a James Hamblin from Missouri who does the security for their capital building. He also hit some of the same topic and had derivative methods on improving security awareness.

Visit irongeek.com and watch the videos that he and his team did an amazing job of recording and putting up.

Up next should be a local presentation for the town I live in, and then we are organizing a conference for Fort Wayne.

Thrilling times ahead, I love the industry I find myself in now.

Strategicsec Rookies Program

Posted: September 20, 2012 in Uncategorized

Got involved in the past week with Joe McCray’s rookies program over at Strategicsec.com and enjoying it so far. It means amping up ‘my game.’ But I look forward to that as well. Getting busier and busier and I think the future holds good things.

More to come as time goes on. But thought I would at least mention this. Almost done with my presentation for next weekend at DerbyCon. Looking forward to that as well.

On July 1st, I presented on “Breaking Out of the Echo Chamber” at BSides Cleveland. I had a great time considering it was my first time presenting. I didn’t really like speech class, but I find that I enjoyed my experience overall. A video of the presentation can be found on Adrian Crenshaw’s (irongeek) website. The link is here: http://www.irongeek.com/i.php?page=videos/bsidescleveland2012/outside-the-echo-chamber-james-siegel-aka-wolfflight
Work has kept me pretty busy, but I am still involved with the IvyTech CCDC team, ISSA, and organized an Intro to Programming class for local area youth focusing on Python and Ruby (slides are located here:http://www.slideshare.net/WolfFlight/an-intro-to-programming ). I plan on doing that one again. I also joined Joe McCray’s Security Rookies. Looking forward to interning with Joe. All this in addition to my every day job of being a Systems Administrator and fighting the good fight for BLUE team.

DerbyCon is coming up again, the last weekend in September, and I got selected to present there as well. I am looking forward to that. I am scheduled to speak at 10AM on Saturday in the Stable Talks. Again, I look forward to it.