-
Trusting AI – Can We?
John asks an online artificial intelligence (AI) tool for advice and it generates an answer, but can you TRUST the answer? How do you know it’s an accurate answer and not mis-information, or just made up sounding declarative. The author has already seen AI generated output analyzing a document with answers that have nothing to…
-
Cyber Threat Intelligence Actionability
How is actionability achieved leveraging your blue team operations within IT, security teams, and CTI? HINT: It’s not a tool! CTI “Actionability” is a marketing buzzword used all too often, without any quantification or achieving that in production, even with some of the shiniest new tools in the market. How does one – achieve –…
-
Cybersecurity maturity – where are you at?
The threat of the unknown is real? You may think you have a well managed network until you discover, from a breach, that you’ve been ‘pwn’d’ for months. The ‘dwell’ time is upwards of a year for a reason, lack of visibility into security controls and management over logs, changes, and security within an organization.…
-
Naming of 4D5A Security
We often get asked, how did you name 4D5A Security? It’s named after a Windows executable. If you’re a programmer or a malware analyst you’re always inspect the portable executable “header” of a file looking for uppercase “MZ”. These two letters identify that file as an executable, on Windows, as originally developed by Mark Zbikowski…
-
Culture Bias in the Workplace
I’m at work on a conference call, working from home as an American doing work with several colleagues from several different countries and cultures from around the world. None of us have ever met in person before. We are in a very busy workplace with no time to get to know each other personally. Stress…