I wrote this post in conjunction with my last "Top 10 hints" post, but somehow it disappeared. So I thought I'd try and write it again, trying to remember the key points I hit.
Many of the people that read this blog are security professionals like me, my peers. We learned about our profession, mostly on our own. Self-taught individuals with a penchant for curiosity and the likeness to break things. There are very few schools and certifications to be "professional" at what we do for a living, and it's because of that, that our community is so small.
Take a look at something like Defcon or Blackhat. You can throw a stone at one of those conferences and usually hit about 4 people you know on a first name basis, and 10 people that you know by their online name. Think about it.
Along the growth of our careers we've probably had a few mentors, four or five people during our professional growth that have pushed us in the correct direction. Gave us hints, wrote blog posts, wrote books, wrote articles, and while you mostly taught yourself how to do this job, there probably are some people that you can point at in your career and say "he helped me by handing me my first copy of 2600". I clearly remember the first person in my life who handed me my first copy of "2600" and "Blacklisted!411" magazines. He was and remains to be my best friend and was the best man at my wedding, even though his job has nothing at all to do with computers (ironic, IMO).
As I was saying, the vast majority of the people that read this blog are either Apple people (who read because of my rantings on Apple), Google people (because of the same), or security people. (God knows why you read my drivel?! Thanks though.)
However, there is a group of you, especially the friends that I have on Facebook that I've pointed over here to get my content, that are not security people. There are a group of you that are barely computer people. You may think that getting on the "Internet" means clicking on the big blue "E" on the desktop.
Those are the people I'd like to make aware with those top 10 articles that I post. With the Facebook article that I wrote on Saturday while my wife was napping on the couch. Those are the people that I want to reach out to and help and say "yes, you do need antivirus on your Windows computer", and "Do you know what a firewall is on your computer? Do you have it on?", and "No! Don't click on that attachment! Are you crazy!?"
Be aware of what you are doing online. Don't let one of your security questions be "What is your mother's maiden name?"
To my fellow security professionals: Help out your fellow Humans. They may take time, they may take patience, but they need our help. The bad guys won't stop, the code won't get more secure. There will always be holes, the bad guys have money, they are most likely, in some way-shape-or form already in your network, and they want what you have. Help your fellow Humans, they need it.
Over the past several years my job here at Cisco Talos has changed drastically. I took on new roles, which is awesome and exciting, but in ...
Without going off the deep-end here and discussing every single Snort rule keyword, I just wanted to touch on a few modifiers that people so...
Let me start off by saying I'm not bashing the writer of this article, and I'm trying not to be super critical. I don't want to...
1. I don't feel like I have much to say. I do a tremendous amount of writing and blogging on the Snort, ClamAV, and Talos blogs. So...