Search Results



AlecLet me have your attention. Are they all here? Close enough.

What are we talking about? That pentest you failed? The thousands of anti-virus alerts you get? That reseller you screwed over for a vuln-scan? Let’s talk about something important.


You think I am messing with you. I am not messing with you, pal.

I’m here from Anitian. I’m here from downtown (Portland, Oregon) on a mission of mercy.  And the word is YOU ARE ALL HACKED.

Oh, have I got your attention?

Who am I? I’ve been in this business for 20 years.  You see that blister on my foot and that notebook full of scribbles?  You Uber’ed here in a Hyundai pal while I was attending sessions on visualizing complex data sets with the guys from OpenDNS, THAT’S WHO I AM.

Many of you have heard about the big breaches—Target, Home Depot, Premera, and so on. We’ve got a new contest for you CISOs. Want to know what the prize is for securing your business? First prize is you keep your job. Anybody wanna see second prize? Second prize is, you’re fired.

Good security practices from SANS, you have them. Go out and implement them. If you cannot, you’ll be shining my shoes. I know what it’s like. Bunch of drunk CISOs, sitting around the bar at the W: “Oh yeah, we got hit with a SQL Injection attack. We didn’t parameterize our inputs. It’s a tough racket.”

You have the technologies. Bain Capital paid good money for those, now go out and inspect your SSL sessions with that BlueCoat box.

The IPS is weak. YOU’RE WEAK! I could take the Ciscos I have right now and protect 100,000 endpoints. You call yourself an infosec practitioner, you son of a gun? How do you take the abuse of RSA?


AIDA: Attention, do you have the board’s attention? Interest, a hacker don’t penetrate the network lest he wants your data. Decision, have you made your decision for threat intelligence monitoring? Action, can you do what needs to be done? Are you smart enough?

You know what it takes to secure an enterprise? Brass endpoint protection from Cylance…and a next-generation firewall from Fortinet…and an RSA analytics platform…and an incident response program…and a SIEM…you get the idea.

You see these? Cyphort, FortScale, Guardicore, Waratek, Vectra, CyberReason, CrowdStrike, and Norse? These are the GlenGarry products and YOOOU don’t get them. Installing them in your APT-filled network would be like throwing them away. They are for securers.

I wish you luck pal but you wouldn’t know what do with it. And to answer your question, RSA, what was Alec Baldwin doing here? I have no idea. I told Hugh Thompson, to get William Shatner again. But do they listen to me?


I’ll write more next week. And don’t miss our RSA Conference 2015 Wrap up webinar next week.  We will be discussing the conference and providing our uncensored view of the products, personalities, and presentations of RSA 2015.

What the heck is this? Watch this video (NSFW language!) for reference.