Matthew J. Harmon: Minneapolis, Minnesota, États-Unis, Earth

Action and Adventure on the High Seas of Information Security

  • XKCD: How the Heartbleed bug works


    Munroe, Randall. "xkcd: Heartbleed Explanation." xkcd: Heartbleed Explanation. http://xkcd.com/1354/ (accessed April 11, 2014).…

  • St. Paul College Keynote


    Thank you very much to the Saint Paul College ACM Club for the opportunity to provide the Keynote presentation for their Cyber Security Workshop.…

  • VIDEO: Brian Regan - Stupid in School


    Brian Regan Stupid in School @ Archive.org Brian Regan - Stupid in School Video @ YouTube…

  • GIF: Take it in stride.


  • Minnesota Breach Notice Statutes 2013


    Minn. Stat. §§ 325E.61: DATA WAREHOUSES; NOTICE REQUIRED FOR CERTAIN DISCLOSURES. 325E.61 (d) For purposes of this section and section 13.055, subdivision 6, "breach of the security of…

  • Books: Red Team Field Manual


    Red Team Field Manual Fantastic no-nonsense RTFM. Author: Ben Clark Publisher: CreateSpace Independent Publishing Platform; 1.0 edition (February 11, 2014) Language: English ISBN-10: 1494295504 ISBN-13: 978-1494295509 Product Dimensions: 8.…

  • Inventory: Assets; Software and Hardware


    In order to be effective, you must know what you are trying to protect. Further, you can reuse your financial audit information to help accomplish this. Download a local copy…

  • Malware: Defense


    This cute kitten is harboring a malicious test file, four different ways, that every anti-virus should detect, don't blow your whole budget on buzzword bingo "anti-virus" software. Start with the…

  • Garden: 2013


    Chessboard patio. Back two plots: Basil, Garlic, Salad (Three types), Corn Long back: Tomatoes, Beans, Garlic, Peppers Left: Merigolds…

  • Phytoremediation


    Phytoremediation consists of mitigating pollutant concentrations in contaminated soils, water, or air, with plants able to contain, degrade, or eliminate metals, pesticides, solvents, explosives, crude oil and its derivatives, and…

  • (ISC)2 Twin Cities MN Chapter


    (ISC)2 Twin Cities Minnesota Chapter Every Third Thursday, Benchark Learning in Edina at 2pm or a Social Event at 5pm.…

  • Security B-Sides MSP 2014


    Saturday, August 23rd @ 9am At the Nerdery in Bloomington Website Wiki Registration: Coming soon. Call for Papers: Open! General email: info@bsidesmsp.org Sponsor email: sponsor@bsidesmsp.org Twitter: #BSidesMSP…

  • Reduce your Attack Surface


    Every added device or installed software increases your attack surface. Adding software or devices to your environment increases your attack surface as they must be maintained and monitored. "Now you…

  • Passwords: Write them down.


    Store your passwords LastPass Password Safe KeePass Multi-factor authentication can be cheap, easy -and- secure. YubiKey Google Authenticator DuoSecurity (Facebook) Account lockouts: 10 tries. Account lockouts are necessary to prevent…

  • Patch & Update: All the Things


    Patch your operating systems and applications on a regular schedule. Use a tiered update system where the most technically savvy people get the updates first and report issues and then…

  • Internet Access: Security Basics


    Secure Configurations for Network Devices such as Firewalls, Routers, and Switches Establish a secure perimeter Enable the security features on the existing hardware from your ISP Change the default passwords…

  • SOSB: Original Slides & Notes [PDF]


    Security on a Shoestring Budget Original Security on a Shoestring Budget (SOSB Slide Deck) with Notes at Github. Follow the SOSB developing series.…

  • Resiliency: Compartmentalize


    Compartmentalize into zones of similar data access Virtualization with VMware, Virtual Box, QEMU/KVM, XEN Containers such as Docker.io and Vagrant Operating System, Configuration, Data and Infrastrucutre exist separately…

  • Resiliency: Backups & Restoration


    Meet your new best friend. Backups. While meant comedicaly, backups have saved me more times than I can count. What I can count however was the one tragic event that…

  • Inventory: Data and Information


    Information Types Start with a simple but comprehensive Data Classification program and announcing it to staff If the data is on the organization website or in marketing material, it is…

  • Loading...


    That's right ladies and gentlemen. I'm rejuvinating my online information resource for all. Coming soon... funny anecdotes, conversation reference pieces, insightful multi-point-of-view articles, things to do, book releases, whitepapers releases,…

  • Commenting Policy


    Will Wheaton's Law: Don't be a dick. Nick Offerman's Life Advice: Don't be an asshole. Alberto Brandolini: "The amount of energy necessary to refute bullshit is an order of magnitude…