The Evolving World of DNS Security

By Tony Perez | March 2, 2019 |

I was recently at an event listening to representatives of ICANN and CloudFlare speak on security with DNS and it occurred to me that very few of us really understand or appreciate its nuances. It also so happens that the past 5 years have brought forward a lot of curious, and interesting, developments in one…

Read More

Installing OSSEC on Linux Distributions

By Tony Perez | January 3, 2019 |

The last few posts have been about deploying and configuring OSSEC as an important tool in your security suite. In this article I will provide you a script I wrote to help you quickly deploy OSSEC. This script assumes you are deploying on a Linux distribution (e.g., Fedora, Ubuntu, CentOS, or Debian). It will force…

Read More

Tips to Protect Your Domain[s] Investments

By Tony Perez | November 20, 2018 |

A few months back I was working with a customer that was having the worst day of their lives. Attackers had taken full control of their most critical digital asset – their domains and the domains of their customers. The organization affected was an agency. They built and managed sites for their customers and in…

Read More

A Primer on DNS and Security

By Tony Perez | November 4, 2018 |
Software Design Challenges

If you’re reading this article you’ve interacted with DNS. In fact, you’d be hard pressed to spend any time online and not interact with DNS. Many of us spend very little time thinking about it. By design, it’s a “set-it and forget-it” tool that is often set up on our behalf (e.g., our home network,…

Read More

How HTTPS Works – Let’s Establish a Secure Connection

By Tony Perez | October 28, 2018 |

The need to use HTTPS on your website has been spearheaded by Google for years (since 2014), and in 2018 we saw massive improvements as more of the web became encrypted by default. Google now reports that 94% of its traffic on the web is now encrypted. What exactly does HTTPS mean though? And how…

Read More

The 2018 Facebook Data Breach

By Tony Perez | October 20, 2018 |

On September 28th, 2018, Facebook announced it’s biggest data breach to date. They estimated 50 million accounts were affected at the time of the disclosure. Subsequent to the disclosure, security professionals from all verticals took to the interwebs to provide what most would consider sensible advise: Time to update your passwords; Time to enable Two…

Read More