HolisticInfoSec.org's Russ McRee speaks regularly on information security topics in the hope of sharing knowledge and resources with a wide audience.
Presented Evil Though the Lens of Web Logs at Microsoft Security Response Alliance Summit 2012 on Thursday, July 12, 2012.
Presented OWASP Top 10 Tools and Tactics at SANSFIRE 2012 in Washington, D.C. on Tuesday, July 10, 2012.
Presented Evil Though the Lens of Web Logs at RSA 2012 , March 2, 2012.
Presented OWASP Top 10 Tools and Tactics at SecureWorld Expo Seattle in Bellevue, WA on Thursday, November 17, 2011.
Presented OWASP Top 10 Tools and Tactics at the ISSA International Conference in Baltimore on Friday, October 21, 2011.
Presented Visualizing APT: Analyzing the Zeus Attack against Government and Military at the Rochester Security Summit in Rochester, NY on October 5th, 2011.
Russ participared on a panel discussion specific to forensics and cloud IR at the Black Hat Executive Briefings at Black Hat Las Vegas, August 2nd, 2011, 4 pm.
Presented Incident Response in Increasingly Complex Environments on Tuesday February 22nd at 11:30 to the ISSA Alamo Chapter in San Antonio, TX.
Conducted a breakout session at the RSA 2011 eFraud Network Forum, Malware-Proof: Building Resistant Web Applications, February 14, 2011, 2:10-3:10 pm.
Presented Incident Response in Increasingly Complex Environments at the ISSA International Conference. September 16, 2010, in Atlanta, GA.
Presented Visualizing APT: Analyzing the targeted attacks against government, military, and industry at the ISSA Puget Sound August 2010 Membership meeting, August 19, 2010, City University, Bellevue, WA.
Presented Incident Response in Virtual Environments: Challenges in the Cloud, with Bryan Casper, at the 22nd Annual FIRST Conference in Miami, on Thursday, June 17, 2010.
Presented Visualizing APT: Analyzing the Zeus attack against government and military to the Washington State HTCIA on April 16, 2010.
Provided a guest lecture at University of Washington's Certificate Program in Information Systems Security , specifically on the topics Practical Crytography: TrueCrypt and Web Application Security Flaws (May 21, 2009).
Presented The XSS Epidemic: Discovery, Disclosure, and Remediation at the 2008 ISSA NW Regional Security Conference on April 23rd, 2008, in Olympia, WA. This presentation was the result of a great deal of research for the April 2008 toolsmith of the same approximate title. The most disturbing finding during this process was the discovery of yet another batch of Hacker Safe branded sites that are certainly not. Refer to the blog post and video for more information.
Russ gave an overview of RAPIER during a SANS Ask The Expert Webcast, Malcode Analysis and Response: Proficiency vs. Complexity on March 20th, 2008.
Russ offered Malcode Analysis Techniques for Incident Handlers at SecureWorld Expo Seattle 2007 : The threat landscape changes constantly, driven in part by the "bot economy" and changing malcode techniques. In response, incident handler techniques must keep pace. This presentation will cover tools and methodology useful to handlers, analysts, and administrators. From detection and discovery, capture and containment, count on a useful discussion meant to further your understanding of the information security practitioner's greatest bane.Slides available below.
Russ taught SANS Stay Sharp Google Hacking and Defense on July 19th, 2007 in Bellevue, WA. SSP-GHD offers a "fundamental understanding of technical defense measures to uncover unintended information disclosures, close common holes in web servers and Internet connected devices as well as clean up the exposures discovered."
3rd Annual ISSA Northwest Regional Security Conference May 11th, 2007. Covered toolsmith highlights.
Guest Blog Posts
Microsoft Internet Explorer Blog: Statistical Validation of the IE8 XSS Filter
Microsoft Malware Protection Center Threat Research & Response Blog: Another Reason to Avoid Piracy
Malcode Analysis for Incident Handlers is being updated for the 20th Annual FIRST Conference.
|< Prev||Next >|