About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Didier Stevens has released a new version of his OllyDbg plugin called OllyStepNSearch. About OllyDbg: OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. More information can be found here. About OllyStepNSearch: This plugin allows you to search for a given text when automatically stepping through the debugged program. When the plugin is enabled, it will step automatically through the debugged program once a step command (like Step Into) is issued. More information can be found here. Here is a movie of this example on YouTube, a High Res (XviD) version can be...

Read More

Interesting article (part 1 / part 2) by Alan Shimel on the concept of the "Less Than Zero Day Exploit". From the article: Once a vulnerability is publicly announced, the zero-day clock starts ticking. The announcement is typically followed by some period of time before a patch is made available. This is the Zero-Day period. According to accepted wisdom, organizations face the greatest danger when an attack or exploit targeting the vulnerability is verified in the “wild.” Some believe this is a flawed argument. As evidence, they point to “underground” vulnerabilities and exploits that are equally as dangerous and much more difficult to...

Read More

Excellent information gathering by Lorna Hutcheson in this Internet Storm Center Handler's Diary Entry. From the diary entry: First I want to thank everyone who sent in tools for this endeavor. I hope that this list of tools continues to grow and everyone can get good use out of it. If you look at the diary entry that launched this endeavor, you will find the information that I'm looking to obtain about the tools. If you have some that need would be good to list here, please pass them along and I'll update the list. Some...

Read More