Career

The Catalyst Career Compass Program

by kriggins on February 16, 2010

in Announcement, Career

If you are employed, you have a job, but do you have a career? Do you want one? What do you want it to look like?

If you have a career, is it going where you want it to? Need some help from a supportive and objective partner who will lead you through a critical assessment of where you are and where you want to go?

Michael Santarcangelo is starting a new service called the Catalyst Career Compass program over at the Security Catalyst. From the description:

Career Compass Overview

Whether you are currently a Security Professional or want to become one, this highly flexible program will help you set and meet your professional ambitions while serving lifestyle goals.

Set your Career Compass:

  • To prepare for a raise
  • To receive a promotion
  • For career development
  • If you are ready to move into the security field
  • To find a new position (within your current company or outside it)

Michael is truly dedicated to helping others. He is looking to iron the wrinkles out of the program with a first batch of guinea pigs...I mean...beta testers :)

Check out the post and let Michael or me know if you are interested in participating. I truly believe that you will find great benefit from working with Michael, and a good new friend in the process.

-Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. This is a good article to look at if you are thinking about the cloud and your business. (Hat Tip: @infosecstuff)
    Cloud Security: Ten Questions to Ask Before You Jump In
    Tags: ( cloud )
  2. Another interesting tool today. Use Bing to find associated IP address and DNS hostnames. (Hat Tip: @lbhuston)
    Bing Web Server Probe
    Tags: ( tools webappsec )
  3. This looks like an interesting tool to add to your web app sec Firefox toolkit.
    Groundspeed 1.1 - Web Application Security Add-on For Firefox | Darknet - The Darkside
    Tags: ( webappsec tools firefox )
  4. Jarrod shares how he got into information security and offers some thoughts on making your own move.
    /dev/null - ramblings of an infosec professional: How to Get A Start in Information Security
    Tags: ( career )
  5. Ben is up next on the D-list interviews. I know Ben from Twitter and hope we can meet IRL someday.
    Andrew Hay >> Blog Archive >> Information Security D-List Interview: Ben Jackson
    Tags: ( interview )

That's it for today. Have fun!

Subscribe to my RSS Feed if you enjoy these daily Interesting Bits posts.

Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some thoughts about the security job market and how to get into it. (Thanks Ron)
    E-Commerce News: Trends: Breaking Into the Security Job Market
    Tags: ( career )
  2. Anton has some comments about log context. Very important stuff.
    Anton Chuvakin Blog - "Security Warrior": On Log Context
    Tags: ( log-monitoring )
  3. This paper (pdf) takes a look at replacing session cookies with digest authentication.
    WeaningTheWebOffOfSessionCookies.pdf (application/pdf Object)
    Tags: ( session webappsec )
  4. Another really good reason for egress controls.
    Sunbelt Blog: Botnet C&C switching to http; away from IRC
    Tags: ( botnet )
  5. That's a lot of malware.
    Report: 48% of 22 million scanned computers infected with malware | Zero Day | ZDNet.com
    Tags: ( malware )

That's it for today. Have fun!


Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Guest blog: Evil Maids on the rise | Graham Cluley's blog
    Tags: ( bitlocker tpm )
  2. Could a rubber duck steal your identity on Facebook? | Graham Cluley's blog
    Tags: ( facebook malware )
  3. AOL Ditches Security Tokens To Make Logging In Easier | Threat Level | Wired.com
    Tags: ( general )
  4. Can quantitative risk estimation serve as a guide for every-day policy decisions? << The New School of Information Security
    Tags: ( risk-management policy quantitative )
  5. Security Uncorked >> Four Options for Secure Wireless Authentication with 802.1X
    Tags: ( 80211x )
  6. Great InformationWeek/Dark Reading/Black Hat Cloud & Virtualization Security Virtual Panel on 12/9 | Rational Survivability
    Tags: ( webinar virtualization cloud )
  7. Digital Soapbox - The White Rabbit Commeth...: Exposing Malware - Part 2: Infestation
    Tags: ( malware )
  8. McAfee Gives Stats on the Riskiest Domains | CNET Security | danielmiessler.com
    Tags: ( general )
  9. Economic Recovery: Will Your IT Security Department Jump Ship? - CSO Online - Security and Risk
    Tags: ( career jobs )

That's it for today. Have fun!


Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Some good tips and resources for gathering intelligence.
    Enterprise Open Source Intelligence Gathering - Part 1 Social Networks -- spylogic.net
    Tags: ( gathering )
  2. I always enjoy pointing to posts that contain resources for education and career advancement. Here is another one.
    Room362.com - Blog - Getting your n00b fill of security
    Tags: ( career learning education )
  3. As always, tools can be used for good or for evil.
    Google Wave as a Tool for Hacking | Social Hacking
    Tags: ( )
  4. This is a fun video. Evolution of Security.
    A Video For You - F-Secure Weblog : News from the Lab
    Tags: ( general )
  5. Want to avoid complete failure from a logging perspective? Check out Anton's list of logging failures.
    Anton Chuvakin Blog - "Security Warrior": Top Log FAIL!
    Tags: ( logging )
  6. An incident response plan isn't any good if it isn't workable. Check out Martin's thoughts on the issue.
    Have a workable plan, or else... : The Security Catalyst
    Tags: ( incident-response )

That's it for today. Have fun!


Kevin


Hi there folks. I know it's been a while since we've had a bits post, but never fear. I did not just click 'mark all read' and am making my way through the backlog. For the next few days you should see a bits post for that day and a catch-up post. This is the first catch-up post. I apologize, but the catch-up posts will probably be commentless like this one.

  1. The Ethical Hacker Network - SSHliders
    Tags: ( challenge )
  2. Nikto 2.10 released << Ramblings of the anal security guy
    Tags: ( nikto tools webappsec )
  3. Twitter Risks | The Infosec Cynic
    Tags: ( twitter humor )
  4. Syn: Abusing VLANs With BackTrack
    Tags: ( vlans backtrack )
  5. Carnal0wnage Blog: Oracle Hacker's Handbook Book Review
    Tags: ( book review oracle )
  6. Securosis Blog | IDM: Reality Sets In
    Tags: ( idm )
  7. Do the Evolution... - fudsec.com
    Tags: ( profession )
  8. Are Security "Best Practices" Unethical? << The New School of Information Security
    Tags: ( best-practices risk-management )
  9. Information Escapology << wirewatcher
    Tags: ( passwords logging )

That's it for today. Have fun!


Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. How to Become a Computer Forensics Investigator | Forensics, How To | Enclave Forensics
    Tags: ( forensics career )
  2. How to Cyberstalk Jobs / Cyberstalking Potential Employers
    Tags: ( surveillance privacy screening )
  3. Transparency: I Do Not Think That Means What You Think That Means... | Rational Survivability
    Tags: ( cloud amazon )
  4. Uncommon Sense Security: Hot off the [virtual] presses
    Tags: ( nist )
  5. waiting for patches to release to wsus... (terminal23)
    Tags: ( wsus patching microsoft )
  6. Twitter starts to get serious about spammers | Social Business | ZDNet.com
    Tags: ( twitter spam )

That's it for today. Have fun!


Kevin


Wow, this has been a crazy busy week.

My apologies for not taking the time to get the daily bits posts out the door. However, don't despair. I have a bumper crop for you today because I have been keeping my eye on things.

Unfortunately you will have to do without my pithy (or so I'd like to believe) comments today. :)

Also, RSA Europe 2009, where I'll be speaking, is right around the corner along with some vacation time, so you will see fewer bits posts over the next couple of weeks and they will probably be like this one. I will be back in full gear after the conference. I will blog when I can on what I see at RSA though.

Anywho, here are today's (this week's) Interesting Information Security Bits from around the web.

  1. Immutable Security >> Low and Slow SSH Brute Force Attacks
    Tags: ( ssh )
  2. Real World Stories: How Pen Tests Complement Vulnerability Scans << Core Security Technologies
    Tags: ( wepappsec pentest )
  3. Visa Announces New Data Encryption Practices
    Tags: ( pci )
  4. 'What's wrong with Smelly Widgets?' - Packet Challenge << I Smell Packets
    Tags: ( challenge packet )
  5. The Professional Security Testers Warehouse for the CEH GPEN QISP Q/ISP OPST CPTS - FRHACK01 copy of presentations
    Tags: ( conference presentations )
  6. Avert Labs Paper: Inside the Password Stealing Business:the Who and How of Identity Theft | Hackers Center Blogs
    Tags: ( passwords )
  7. AVG Stepping Up Consumer Anti-Virus Offerings | Darknet - The Darkside
    Tags: ( anti-virus avg )
  8. Man banished from PayPal for showing how to hack PayPal * The Register
    Tags: ( paypal )
  9. Book Review: The Rootkit Arsenal << McGrew Security Blog
    Tags: ( books reviews )
  10. Jeremiah Grossman: All about Website Password Policies
    Tags: ( infosce passwords )
  11. Digital Soapbox - Preaching Security to the Digital Masses: Things I Learned at SecTor 2009
    Tags: ( conference toorcon recap )
  12. TaoSecurity: Technical Visibility Levels
    Tags: ( avialability monitoring )
  13. SSL Still Mostly Misunderstood - DarkReading
    Tags: ( ssl )
  14. Anton Chuvakin Blog - "Security Warrior": Compliance != Security, Does Security = Compliance?
    Tags: ( compliance security )
  15. A Page from Singapore's Cybersecurity Playbook | Optimal Security: The Lumension Blog
    Tags: ( general )
  16. You Can't Always Be Proactive - Hacked Off - Dark Reading
    Tags: ( general )
  17. Security Uncorked >> Good, Bad and Ugly: On SecTor's Wall of Shame
    Tags: ( passwords wireless )
  18. CSS History Hack Used To Ban Torrent Users ha.ckers.org web application security lab
    Tags: ( css )
  19. Yahoo Best Jobs in America ranks infosec professional #8
    Tags: ( career )

That's it for today. Have fun!


Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. The PandaLabs 3rd quarter report has been released.
    Q3 report released - PandaLabs
    Tags: ( reports )
  2. Alan is looking for a little feedback on how the Security Blogger Awards for the 2010 RSA USA Security Blogger Meetup will be run this year. Drop by and offer him your thoughts.
    StillSecure, After All These Years: Social Security Blogger Awards 2010
    Tags: ( rsa meetup )
  3. Want a job? Looks like DHS will be hiring.
    Security Fix - DHS Seeking 1,000 Cyber Security Experts
    Tags: ( career )

That's it for today. Have fun!


Kevin


Good afternoon everybody! I hope your day is going well.

Here are today's Interesting Information Security Bits from around the web.

  1. Dre is reading a lot of the same people as I am when it comes to security programs. This post has some good stuff in it along with some great additional reading for us.
    What makes a solid security program? | tssci security
    Tags: ( security-program )
  2. Another day, another case of people handing over credentials to anybody who asks.
    Another Twitter Scam: Twitviewer -- spylogic.net
    Tags: ( twitter )
  3. Looks like there is a nasty BIND vulnerability being actively exploited. Time to update.
    BIND 9 Issue
    Tags: ( bind dns )
  4. Very nice. I like the way he approached this.
    Tactical Web Application Security: Lessons Learned From Casino Surveillance
    Tags: ( general )
  5. Wim is getting into FAIR. Very cool stuff.
    all is FAIR in love and war. << The Security Kitchen
    Tags: ( fair )
  6. An interesting case of what you read on the internet isn't always true :)
    Fake Retweets Lead To Spam - SpywareGuide Greynets Blog
    Tags: ( twitter )
  7. Sometimes high availability doesn't make your life easier. Check out Shrdlu's post and think about your situation a little.
    When 'high availability' isn't good enough.
    Tags: ( general )
  8. If you are an information security professional or want to be, I strongly recommend you carve out the time to attend Mike and Lee's talk at Defcon. They know what they are talking about and you should too!
    Effective Information Security Career Planning at DefCon | Information Security Leaders
    Tags: ( career )
  9. No big surprise here for me.
    Study says SSL-certficate warnings are as good as useless - News - The H Security: News and features
    Tags: ( ssl )

That's it for today. Have fun!


Kevin
