Output

This is a non-exhaustive collection of things I’ve put out into the world.

Research, Presentations, Products

2024-10-10 POLARcon 2024 Adventures in Risk Management: or, how I learned to stop worrying and delete the risk register

2022-08-11 Black Hat 2022 When MFA Bypass Leads to an Account Take Over Attack (sponsored)

2021-11-03 FS-ISAC FinCyber Today - The Paradigm Shift of Data Loss Prevention in Financial Services

2019-02-21 CRXcavator.io Open and accessible browser extension security and risk management platform. Duo Blog Announcement

2018-07 Google Next 2018 Work Smart and Stay Safe with Chrome Enterprise Customer case study from Duo, including first public launch tease of CRXcavator.io

2013-10 - Ruxcon 2013 The BYOD PEAP Show: Mobile Devices Bare Auth

2013-08-04 - DEF CON 21 The BYOD PEAP Show: Mobile Devices Bare Auth New techniques for attacking enterprise wifi.

2013-08-01 - Black Hat 2013 The Outer Limits: Hacking a Smart TV

Media

2022-03-11 Security Magazine - The Security Podcasts

2021-12-20 Dark Reading - Zero Trust Shouldn’t Mean Zero Trust in Employees

2021-11-18 Forbes - Leadership Strategy

2017-03-13 - LastWeek Tonight, background contributor on CIA Smart TV hacking “Weeping Angel”

2013-08-13 - NPR All Tech Considered Coverage of Smart TV hacking from R00tz Asylum “DEF CON Kids”

2013-08-07 - CBS News Can Your Smart TV Watch You?

2013-08-02 - Mashable Your Smart TV Could Be Hacked to Spy On You

2013-08-01 - CNN Money Your TV might be watching you