Blog

August 19, 2019

What is Ownership?

Post by Robert Hansen

Sometimes people in the security industry say “attribution is hard”. What they’re referring to is the tricky attribution of who is attacking whom, because people use botnets. But the same is true even in benign circumstances. When you want to know who owns a thing you have …

Read More

July 24, 2019

DNS versus IP’s

Post by Robert Hansen

I see a lot of comments about which is better to start searching for sites that you own – by DNS or IP addresses. Honestly, it’s a complicated question that deserves a nuanced explanation. The answer is just not that simple, as both searches have their pros …

Read More

May 25, 2019

On Finding Shadow IT

Post by Robert Hansen

There are many ways one can find shadow IT. Just look under someone’s desk, and you might find it that way. But if you want to find it at scale and see what’s on the public Internet, an Easter egg hunt under people’s desk just isn’t the …

Read More

May 1, 2019

Two Modest Proposals for Improving Cybersecurity

Post by Robert Hansen

I tend to think about security at a macro level these days. It occurred to me there might be a few interesting ways to help improve cyber security online. I like the idea of increasing costs to adversaries, so both of these are about introducing friction to …

Read More

April 19, 2019

Effective TLDs and Why We (Sometimes) Ignore Them

Post by Robert Hansen

Once upon a time there were only a few top level domains, like “.com” and “.net” and life was good. Then along came some friendly blokes who wanted everything to live under their top level domain, like “.co.uk” would be the “.com” for the “.uk” TLD. That …

Read More