By Bob Rudis (@hrbrmstr)
Fri 22 May 2015 | tags: blog, bsides, presentations, -- (permalink)

Tony Martin-Vegue’s (@tdmv) & Jason Trost’s (@jason_trost ) data-driven presentations from BSides SF 2015 are up on YouTube. Definitely worth carving time out to watch both of them.

How to Lie with Statistics, Information Security Edition

BSides Abstract for Tony’s talk

Lessons Learned from Building and Running MHN, the ...


By Bob Rudis (@hrbrmstr)
Tue 19 May 2015 | tags: blog, -- (permalink)

Akamai released it’s Q1 State of the Internet/Security Report today. They were an awesome partner for this and previous year’s DBIRs and their report (along with Arbor Networks Report) provides a much more detailed look at denial of service attacks than we could ever have done ...


By Bob Rudis (@hrbrmstr)
Thu 14 May 2015 | tags: blog, excel, datavis, -- (permalink)

I saw some chatter about a post on spam and new gTLDs on Kasperky’s SecureList and initally got excited that there might be actual data to look at since our work-team started looking at this very topic last year but got distracted by the 2015 DBIR work (we’re ...


By Bob Rudis (@hrbrmstr)
Mon 11 May 2015 | tags: blog, r, rstats, elasticsearch, ipv4heatmap, json, -- (permalink)

Work has kept myself & @jayjacobs quite busy of late, but a small data set posted by @jw_sec this morning made for an opportunity for a quick blog post to show how to do some data maniupation and visualization in R for both security and non-security folk (hey, this may even ...


By Fernando Montenegro (@fsmontenegro)
Sat 07 March 2015 | tags: blog, mooc, education, -- (permalink)

I’m thrilled to be invited to share my perspective after taking a rather unique MOOC offering - Economics of CyberSecurity, organized by TU Delft. This was a 5-week course covering several aspects of ‘Information Security’ from the perspective of ‘security economics’, which is the discipline that has been evolving since ...


By Bob Rudis (@hrbrmstr)
Sat 24 January 2015 | tags: blog, rstats, r, shiny, dashboard, -- (permalink)

Jay & I cover dashboards in Chapter 10 of Data-Driven Security (the book) but have barely mentioned them on the blog. That’s about to change with a new series on building dashboards using the all-new shinydashboard framework developed by RStudio. While we won’t duplicate the full content from the ...


By Bob Rudis (@hrbrmstr)
Wed 21 January 2015 | tags: blog, papers, research, -- (permalink)

This morning, both David Severski & Gabe the Engineer shot me links to the MC2 Workshop on Data-Driven Approaches to Security and Privacy that was held at the University of Maryland recently (Jan 8-9).

I couldn’t find any proceedings or presentations from that conference, but I did take a stroll ...


By @alexcpsec, @bfist, @hrbrmstr
Tue 06 January 2015 | tags: blog, veris, vcdb, humor, -- (permalink)

Need an opinon about the Sony hack?

There are a lot of opinions out there attributing the recent breach of Sony Pictures Entertainment to a variety of sources. Let’s face it, you probably don’t know who hacked Sony. Unfortunately in the world of information security it is pretty ...


By Bob Rudis (@hrbrmstr)
Fri 02 January 2015 | tags: blog, rstats, r, ipv4, ip address, hilbert, -- (permalink)

While there’s an unholy affinity in the infosec commuinty with slapping IPv4 addresses onto a world map, that isn’t the only way to spatially visualize IP addresses. A better approach (when tabluation with bar charts, tables or other standard visualization techniques won’t do) is to map IPv4 ...


By Bob Rudis (@hrbrmstr)
Tue 30 December 2014 | tags: blog, -- (permalink)

First we’d like to give a huge thank you to all our blog & book readers (and guest contributors) + podcast guests & listeners. You all made 2015 a supercalifragilisticexpialidocious year for Jay & I with your tweets, reviews, ideas, commentary, contributuons and in-person connections.

In twelve months, we managed to crank out ...


Page 1 / 9 »