Looking back at the difference a year makes
In which I try to remember what I've run
Putting their pants on just like you do
Why your IA policy regarding passwords sucks - and how to fix it
Focusing on the negative can result in missed opportunities
Why your reporting quality hurts you more than you know
Why putting idiot checks into tools only hurts us
Why aren't there more real attackers? I have a theory. It might suck.
Demystifying the various terms around what we do
Highlighting the importance of taking the time to do it right
Everyone is a target, especially if they think they aren't
Erasing boundaries in offensive operations
Destroying the common objections to our engagements and erasing boundaries
Challenging a defender's assumptions on what attackers can do - and how they do it.
Security awareness training destroys valuable brain cells
In which I learn I need better backups...
Skepticism about a recent news article
Exploiting X11 To Compromise Enterprise Networks
Why sys admins are legitimate and useful targets