Thursday, March 10, 2016

Boston Security Camp - Afternoon Session

From the afternoon session of the BC Security Camp.

REN-ISAC

REN-ISAC watches,
Threat sharing flows through their hands,
Tall trees grow stronger.


APT Experiences

Even an oyster,
Old, rotten, may have a pearl.
Must open a phish.

VirusTotal shrugs
At the malware file we found.
Wolves howl outside.

IOCs popping.
The APT evolving.
Wounded lamb crying.


Creating a Good Business Relationship Between IT and Treasury for PCI compliance

One good data breach.
Storm water breaks through a dam.
Beavers must rebuild.

Follow the money.
Stars pointing to Treasury:
A PCI map.

Sharing the burden,
Huddling against the winds
Of attestation.

Database Security

The harsh thunder booms
When audit arrives, seeking
Your database logs.

A giant mountain,
Oracle databases.
Their logs are lava.

Information flows
Meta information grows.
DBA hair grays.

Boston College Security Camp - Morning Haiku

I have the privilege of attending this year's Security Camp hosted by Boston College. This morning's presentations inspired some haiku.

Security Camp.
Talks around the camp fire.
Ghost stories, epics.


Moving to the Cloud - Resistance is Futile

Somewhere in the Cloud,
Raindrops form from falling ice.
Your data in tears.

Backups in the Cloud
Backing up backed up data.
Clouds, rain, ocean, clouds.

Acquiring clouds
And claiming them to be yours.
A game for sad fools.


Information Stewardship Governance Program 

Stewarding data,
Each piece led across the Styx
Or to calm prairies.

Understand your data:
A wolf knows all paths traveled
By each pup and prey.

Acorns stored by squirrels
Remain hidden all winter.
Come spring, they grow large.


Software Identification Tags

What should be patched when
Vulnerabilities drop?
Ask the wind and hope.

Browsing undergrowth,
Doe wishes she knew what's there,
Eating, not searching.

XML flowing,
Tagging the world that it knows.
Each leaf on each branch.