My Waste of Bandwidth

Published Papers

How Can you build and leverage SNORT IDS Metrics to reduce risk?
SANS Reading Room
September 19 , 2013
Many organizations have deployed Snort sensors at their ingress points. Some may have deployed them between segmented internal networks. Others may have IDS
sensors littered throughout the organization. Regardless of how the sensor is placed the IDS can provide a significant view into traffic crossing the network. With this data
already being generated, how many organizations create metrics for further analysis? What metrics are valuable to security teams and how are they used? What insights can
one gain by good metrics and how can that be used to reduce risk to the organization?

Forensic Analysis on iOS Devices
SANS Reading Room
November 5, 2012
With a “bring your own device” (BOYD) movement, smart phones and tablets have exploded onto the corporate environment and show no sign of receding. This “consumerization” of endpoints means users will be performing work on devices other than the traditional organizational desktop or laptop running windows.

Meeting Compliance Efforts with the Mother of All Control Lists
SANS Reading Room
March 4, 2010
With the multitude of different compliance efforts an organization could be subjected to, it is not uncommon to hear confusion on what may or may not apply. What compliance regulations does the organization fall under? What must the organization do to meet a specific compliance effort and not conflict with a separate one?

Simple Windows Batch Scripting for Intrusion Discovery
SANS Reading Room
September 29, 2009
Common free tools and automatic batch scripting that can be used to identify an intrusion on a Windows operating system.

Is Virtual Desktop Infrastructure (VDI) Right for Me?

SANS Newsbites
July 15, 2009
Virtual Desktop Infrastructure (VDI) is a solution for server-hosted, virtual desktop computing that leverages thin client architecture and centralizes endpoint images as virtual machines.

Creating and Maintaining Policies for Working with Law Enforcement
SANS Reading Room
May 21, 2008
Overview of a strategy that companies can take to deal with law enforcement.

Creating and Managing an Incident Response Team for a Large Company
SANS Reading Room
July 18, 2007
Using good communication skills, clear policies, professional team members and utilizing training opportunities, a company can run a successful incident response team.

Creating a Comprehensive Vulnerability Assessment Program for a Large Company Using QualysGuard
September 9, 2008
Independent author Tim Proffitt writes his thesis, as part of his GIAC certification requirements, on how large companies should implement a Vulnerability Assessment Program using QualysGuard. The white paper is hosted in the SANS Institute Reading Room, and provided by SANS as a resource to benefit the security community at large.


My goal is to write about technology. When I have the time, I enjoy the research and the challenge of taking a complicated subject and presenting it in a understandable format.