By Bob Rudis (@hrbrmstr)
Mon 24 February 2014 | tags: metricon, -- (permalink)

Jay & I had the privilege of co-coordinating Metricon 9 this year. It’s co-located with RSA (USA, 2014) again this year and is on Friday (the 28th) in Room 132 from 0800-1700PST (officially starting at 0900).

You can download the full agenda or view it below (provided the IFRAME ...

By Bob Rudis (@hrbrmstr)
Fri 21 February 2014 | tags: book, -- (permalink)

Shipping notices for the dead-tree version of the book have started to trickle out, so we’ve removed the static landing page that we’ve had up for the book and launched an actual book sub-site where we’ll be able to post errata and provide updates on sales, promotions ...

By Bob Rudis (@hrbrmstr)
Thu 20 February 2014 | tags: data analysis, twitter, data visualization, datavis, passwords, -- (permalink)

The topic of “dump monitoring”—i.e. looking for lists of stolen/hacked credentials or notices of targted hacking—came up on the securitymetrics.org mailing list recently and that seemed like a good opportunity for a quick post on how to use Twitter as a data source and how ...

By Steve Patton (@spttnnh)
Mon 17 February 2014 | tags: datavis, dataviz, AlienVault, data analysis, data management, -- (permalink)

Chapter 3 of Data-Driven Security explores one download of the AlienVault reputation database. As you can see from the book, the reputation database has many interesting aspects to explore, including country profiles, risk versus reliability, and a variety of threat types. Of course, one download represents a simple snapshot in ...

By Bob Rudis (@hrbrmstr)
Mon 10 February 2014 | tags: blog, -- (permalink)

With the launch of our new LinkedIn Page, the Data Driven Security circle is now complete (well, at least until another social/professional network comes along). Not every reader (blog or book) is on Twitter or Google+ and neither I nor Jay are Facebook users, so we wanted to make ...

By Bob Rudis (@hrbrmstr)
Sat 08 February 2014 | tags: R, reproducible research, botnet, -- (permalink)

It’s super-#spiffy to see organizations like Sucuri share data and insight. Since they did some great work (both in data capture and sharing of their analyses), I thought it might be fun (yes, Jay & I have a strange notion of “fun”) to “show the work” in R. You ...

By Bob Rudis (@hrbrmstr)
Fri 07 February 2014 | tags: book, -- (permalink)

It seems I missed spamming that Data-Driven Security (the book) is also up on Apple’s iBooks Store. Consider yourself spammed! As an aside, it’s been really difficult figuring out a happy medium from supporting the publisher/promoting the book to actual, horrible spamming, so call me (@hrbrmstr) out ...

By Bob Rudis (@hrbrmstr)
Tue 04 February 2014 | tags: R, passwords, -- (permalink)

The pipal utility is one of the standard, “go-to” tools when analyzing cracked password dumps. It’s a command-line program written in Ruby and I thought it would be interesting to port the base functionality to R and then build upon that base over time (R has some really handy ...

By Bob Rudis (@hrbrmstr)
Sat 01 February 2014 | tags: twitter, data science, -- (permalink)

If your day happens to be too tumultuous for a textbook and too busy for a long-form blog post, consider tapping into these Twitter resources to see what's happening in the world of [security] data science…

By Bob Rudis (@hrbrmstr)
Sat 01 February 2014 | tags: shiny, -- (permalink)

Nature (VOL.11 NO.2 | FEBRUARY 2014) had a really useful letter to the editor PDF readcube titled “BoxPlotR: a web tool for generation of box plots” that included this equally really useful overview graphic that shows a sample of 100 data points visualized five different ways.

Jay used box ...