Andrew Hay

January 30, 2007
by Andrew Hay
3 Comments

Hacker Techniques, Exploits and Incident Handling in Fredericton, NB, Canada

After working with my contact at SANS for the last few weeks it’s finally official! From Thursday, April 5, 2007 to Thursday, June 7, 2007 I will be leading the Security 504: Hacker Techniques, Exploits and Incident Handling track here … Continue reading

January 29, 2007
by Andrew Hay
4 Comments

Why Doesn’t the Security Industry Have Champions in Hollywood?

As I picked up my latest copy of Information Security Magazine I found myself wondering what Tom Hanks was doing on the cover. On second glance I noticed that this wasn’t Tom Hanks but rather Eric Bangerter from the University … Continue reading

January 17, 2007
by Andrew Hay
0 comments

My root password is so secure … you be the judge

I received a hilarious email posted to the security-basics mailing list this morning that I had to share: I was in a bar in San Francisco where my English accent has a habit of stimulating conversation with total strangers, in … Continue reading

January 16, 2007
by Andrew Hay
1 Comment

Reasons why enterprise networking and security roles must stay separate

The illustrious Shon Harris has stated in her latest article for SearchSecurity.com that: Not only should the networking group and security group have distinct and clearly defined tasks and responsibilities, but they should also have separate chains of command. which … Continue reading

January 14, 2007
by Andrew Hay
7 Comments

What Training is Missing?

Both Richard Bejtlich and Harlan Carvey have expressed their concerns with the recent SANS NewsBites issue in which the new Certified Malware Removal Expert certification is announced: Does anyone on your staff do an excellent job of cleaning out PCs … Continue reading

January 1, 2007
by Andrew Hay
0 comments

Expanding my horizons in 2007

I’ve decided that 2007 is going to be the year that I expand my horizons and diversify my knowledge. I’m going to get away from product-centric studies and take a more agnostic approach to my continuous learning. To give you … Continue reading