About Andrew Hay

Andrew Hay is an information security industry veteran with close to 20 years of experience as a security practitioner, industry analyst, and executive. As the Chief Information Security Officer (CISO) at DataGravity, Inc., he advocates for the company’s total information security needs and is responsible for the development and delivery of the company’s comprehensive information security strategy.

Andrew has served in various roles and responsibilities at a number of companies including OpenDNS (now a Cisco company), CloudPassage, Inc., 451 Research, the University of Lethbridge, Capital G Bank Ltd. (now Clarien Bank Bermuda), Q1 Labs (now IBM), Nokia (now Check Point), Nortel Networks, Magma Communications (now Primus Canada), and Taima Corp (now Convergys).

Andrew is frequently approached to provide expert commentary on security-industry developments, and has been featured in such publications as Forbes, Bloomberg, Wired, USA Today, International Business Times, Sacramento Bee, Delhi Daily News, Austin Business Journal, Ars Technica, RT, VentureBeat, LeMondeInformatique, eWeek, TechRepublic, Infosecurity Magazine, The Data Center Journal, TechTarget, Network World, Computerworld, PCWorld, and CSO Magazine.

Every now and then I star a Git repo that looks interesting, has a tool I want to try later, or is something immediately useful. Most times, however, I tend to star them and forget about them. In reviewing some of my more recent 'stars', I thought it might be useful to share them with my readers. [list icon="chevron-sign-right"]harelba/q[/list] q is a command line tool that allows direct execution of SQL-like queries on CSVs/TSVs (and any other tabular text files). q treats ordinary files as database tables, and supports all SQL constructs, such as WHERE, GROUP BY, JOINs etc. It supports automatic...

Read More

About Script to fetch malicious domain and URL lists from sites that publish RSS feeds or raw HTML pages. Download To obtain the tool, please visit https://github.com/andrewsmhay/web2intel and download the associated files or simply run the following command at your command prompt: $ git@github.com:andrewsmhay/web2intel.git Supported Lists The Abuse.ch SSL block list The Quttera malicious, suspicious, and potentially suspicious domains database John Bambenek's Gameover Zeus list DNS-BH – Malware Domain Blocklist SANS Internet Storm Center LOW, MEDIUM, and HIGH confidence block lists Sucuri Security's scanner identified iframe, conditional redirection, and encoded javascript web site list Usage ./web2intel.rb <option> <extras>  For command syntax, please visit the GitHub repository. Example 1 - Domains only $ ./web2intel.rb --sucuri_iframe #Title: Sucuri Research Labs Hidden iframes list #2014-07-20 15:08:14 -0700 ...

Read More

Even though a lot of people know where I'm working (CloudPassage) not everyone understands exactly what it is we do. Robert Scoble made an excellent video with our VP of Product Management, Rand Wacker, that concisely explains our product and its capabilities. As such, I figured it'd just be easier to post the video and refer people to it for the short term :) P.S. Bonus points if you remember the movie that my blog post title is quoted from ;)...

Read More