Okay, break’s over. Back to work!

So I took a little vacation to a tiny little rock out in the middle of the South Pacific. Isla de Pascua, Rapa Nui, Easter Island…whatever you want to call it, it was amazing. What an incredible time I will never forget. It was a little odd not having phone, internet, or any sort of tether back to society. At the same time, it was really nice to literally be off the grid for some time. However. It’s all done. Break’s over. It’s time to get back in the swing of things.

A day after getting back, I packed up and headed to Denver at the Optiv ES3 summit to do a brand new talk on insider threat. I love the city of Denver, so I’m always happy to get invited back out there. The talk, despite being my first presentation on the topic, went really well. The talk was well attended, and well received. Plus, at the end of the day I got to hang out and talk with Brian Krebs. That was great! I’m planning on heading back out to Denver sometime in August, but until then…there’s a LOT more to be done. (btw – the goatee got a good trip shortly after this picture.)

There’s a lot going on between now and even August. First off, I’ve got to make it out to Phoenix for a few client visits and prep for a round of forums I’m presenting later in Q3. I’ll fly back late Friday night. Then it’s up to Boston this coming Sunday. I’m presenting two new presentations at the CyberArk 2017 Impact Summit in Boston. I’ll be talking on Ransomware. The goal is to focus particularly on the WannaCry and NotPetya ransomworms and defensive strategies to address the next generation of Ransomware.  The next talk, is what I’m REALLY excited about. My good buddy Len Noe and I are basically going to carpet-bomb the audience with live demos of real penetration testing tools. A few of the things we plan to demo are the PoisonTap, BashBunny, Inveigh and Responder, the Wifi Pineapple, and my favorite live demo…MouseJack (code injection on a machine not even connected to the network).  It’s going to be a lot of fun. I also built one hell of a powerpoint presentation to go along with it. Something like 7 slides and 2.9GB. I rendered the slides as video and have scenes from Hackers playing silently in the background. Whichever breakout presentation gets the highest marks gets to present to the mainstage. Either way, it’s gonna be off the chain!

After Impact, we’ve got the CyberArk Midyear Sales Kickoff. I don’t have any expectations there, other than it’s going to be a lot of work while we’re up there.  After that, I have one week back in Dallas (unless something comes up, which it typically does). After that…it’s off to Vegas for Hacker Summer Camp! Woo hoo!  For Blackhat, I don’t get to attend, but I actually have to work the event. I absolutely love Blackhat. You get to meet a lot of great and interesting people. After that it’s onward to BSides and DEFCON 25. I’ve been waiting all year for this.  As soon as I heard it was at Caesar’s this year, I made sure my room was reserved. Due to my wife’s travel hacking, I have status at Caesars. I get a nice big room (photo below was the last time I stayed at Caesar’s Palace earlier this year at Gartner), access to free services, and the VIP lounge. So…now I have 3 friends staying with me in the room and live video feeds of the talks downstairs if they’re too packed. I’m really looking forward to it.

So yeah, that’s just July. August is gonna be crazy too!

Taking a break…

So I just wrapped up yesterday BSides Cincinnati. It was a great event. Great folks, great weather, great venue…just great all around. Anyways, I’ve been working, traveling, speaking a lot more than I had originally anticipated the last six months. I’m going to take a break from the travel/conference stuff for just a couple months and slow things down some. I’ve recently taken on a large amount of responsibility at work that needs my full attention. The kids are about to be on Summer vacation and I’m looking forward to spending a little more time with Mrs. Rainmaker. We’ve got an insane vacation planned sometime in June. CyberArk has an amazing customer conference coming up in July. And I couldn’t forget about Hacker Summer camp! Blackhat, BSides Vegas, and DEFCON 25 are all going down in July/August. I’ve got status with Caesar’s so I’m planning on getting a killer room, living the VIP life, and enjoying the trip to the fullest extent. Even without traveling for work and conferences, that’s still a lot of travel planned.

Again, this is only a small break. I already have a new deck prepared on Insider Threat. I’m going to pick that back up in September along with the others. Knowing me, I’ll probably have more time to work on projects at home and maybe update my blog from time to time. 🙂

Mastodon

So recently, the InfoSec community has made a mass exodus from Twitter to a new social network. This is an interesting one. Everyone’s moving to Mastodon. Mastodon is a free, open-source social network made up of federated servers. It’s a decentralized platform that doesn’t have a single company running, storing, and manipulating (for commercial gains) your data. Anyone can stand up a Mastodon server, however most simply pick out a server from the long list and participate.

From an end-user perspective, this is a twitter replacement. It’s very similar in that you have a limited (albeit longer character limit) to work within. Tweets are now called “toots” (yeah…sorry about that). Retweets are now boosts.

I’m still on the fence about the entire thing. I’m afraid it might not have enough traction in the social media market to be successful. However, I’m not going to complain. Rather I’m going to logon and participate. You can find me at Rainmaker@Mastodon.cloud.

 

More Speaking Events!

More events to add to the calendar:

May 5th – CISO Thought Leadership Forum – Dallas,TX Panelist on Insider Threat.

May 12-13 – BSides Denver – Denver CO

May 20th – BSides Cincinnati  – Cincinnati OH

June 20th – Optive ES3 – Denver CO

July 12th – CyberArk Impact – Boston MA

Inbetween all this, I’ve got my regular Advisor duties to attend to. Somewhere in all this, I’m taking the wife and kids to Easter Island in the middle of the South Pacific. After this, I think I’m going to take a couple months off to refresh and brush up on some new content.

 

GIAC – GPEN Certified!

I took my GPEN certification exam on Thursday and I passed. I was rather nervous to be honest about the exam considering two of my fellow co-workers struggled with it. I waited until the very last day to take the exam and I’m glad I did. Luckily I scored a 91%. Even though it was open book, it was a doozy of an exam. I had my notes, index, and the texts to work from…and it was still a challenge. TBH – I’m really proud of my index (no I won’t share it with you). It looks like a unicorn threw-up on a notebook, but it had just about everything I needed. I’m also excited because I scored high enough to be in the advisory council and to possibly be a SANS mentor! I’m very humbled and honored!

Just a little tip thought: I won’t go into specifics, but I would advise anyone taking the exam to brush up specifically on the netcat switches and really learn scapy backwards and forwards. Not only will it help you with the exam, but I’ve found myself using both tool in my day to day roles a lot now.

So…what’s the first thing I do now that I don’t have a certification deadline looming over me? Go pick out another cert to tackle. My wife tells me that I’m goal driven. I need a goal to strive for if I want to be productive. At this point I’m strongly considering either the CCSP from (ISC)2 or one of the Amazon certifications. I need to skill-up on cloud a little bit before I go after the OSCP. So let me know. What do you think? What certification should I go after next?

 

One last thing….

 

Dearest people outside of the realm of InfoSec,

Someone mentions the word ‘Penetration’ in proper context, and you folks lose your damn minds. Get your heads out of the gutter. Thanks.

Speaking Engagements!


So, I’m going to be a little busy the next few weeks. Not entirely sure how many gigs I’ve got booked, but here’s my speaking calendar booked out so far…

Oh yeah, sometime between all of this I’m doing my regular job responsibilities and studying for my GPEN. Wish me luck!

Roadwarrior Gear

So if you follow me on twitter, you already know I travel. A lot. My wife is also a “travel-hacker”. Over the last year I think I’ve been to Alaska, Arizona, California, Oklahoma, Arkansas, Louisiana, New York, and Boston. I’m sure I forgot some along the way too. Internationally, I’ve been to Australia, the Bahamas, Panama, Costa Rica, Guatemala, Aruba, Hawaii, and later this year the Dominican Republic. So yeah…I fly, a lot.

So between my work life and my professional life, I’ve found a few things that make my life just a little bit easier. I speak highly of these particular products to the point that based on my recommendations, my friends, co-workers and family have bought a bunch of these different products. Here are some of my favorites. Feel free to buy through the links below and give ole Rainmaker a little kickback if you don’t mind. 🙂

Read more “Roadwarrior Gear”