August 4, 2017

Familiarity Breeds Contempt: APT Edition

Here’s a familiar scenario: A new threat is being whispered about. Maybe your office has someone with special access of some kind and they’re being a bit more secret squirrely than usual. The mailing lists you’re on are a buzz about a new piece of malware or vendor code name. You keep hearing about a paid only report that tells all. APT 46: EMPEROR PENGUIN is coming! When your boss asks about EMPEROR PENGUIN you have to say you don’t know much… but you’ve heard they’re very good, very advanced, well funded, with great opsec… obviously a serious threat aimed at hard targets (which your organization obviously is). Read more

January 11, 2016

Introduction to DFIR

One of my favorite things is talking to students and people new to the security field. It feels like yesterday I was wandering around the first Shmoocon as a student in awe of the people I met and the work they were doing. Now I’m 10 years into my career and have a whole different perspective (though still in awe with those folks). Starting a career in infosec isn’t easy and while there are better general introductions I wanted to add my perspective on getting started in Digital Forensics and Incident Response (DFIR). Read more

June 6, 2015

How I Atom

Update - April 2019: To be honest I don’t Atom anymore. I switched to Visual Studio Code in the middle of 2017 while writing TypeScript and Golang and haven’t looked back. During the time I’ve been at GitHub one of the coolest projects to come out has been Atom, GitHub’s own text editor. I’ve been using it since the day it got released internally at GitHub and I can say Atom is one of my 3 top used applications and an essential part of my work flow. Read more

May 2, 2015

Imposter Syndrome in DFIR

Impostor syndrome can be defined as a collection of feelings of inadequacy that persist even in face of information that indicates that the opposite is true. It is experienced internally as chronic self-doubt, and feelings of intellectual fraudulence. Imposter Syndrome ~ The CalTech Counseling Center There isn’t an easy way to start a post like this and there doesn’t need to be. Imposter Syndrome is something most people don’t know a lot about (I’d never heard the idea until I started working at GitHub) but it’s something everyone is intimately familiar with. Read more

January 23, 2014

Online CTFs

I’ve been lucky enough to play in a number of computer attack & defend (sometimes only one or the other) Capture The Flags. They’ve been some of the best learning experiences I’ve ever had and a ton of fun. It really compresses all of cyber security, minus that boring policy stuff, into a smaller time frame. Even with all the benefits there is one tough part: you can’t always spend a weekend in a friends basement with a pallet of Redbull or on the floor at DefCon CTF. Read more

© Scott J Roberts 2019

Powered by Hugo & Kiss.