Showing posts from 2017

Practical advice for real world problems

Practical advice for real world problems Introduction Have you ever been trying to solve a systemic problem, like users getting infected by malware, and the only advice you get is completely impractical, such as to instruct users to not click on links or open attachments? This seems to be one of the top security recommendations lately, as if the solution was so simple. The good news is that there are some practical solutions out there for nearly every organization. The key is to figure out your core goals, determine what solutions supposedly work in your environment, and then test them to make sure they actually do what they say on the tin. It’s going to take more than a single blog post to explain everything, but we wanted to start by going over a concrete example and then future posts can generalize. The problem Our example will be to cover the damage done by people getting phished and downloading malware (either from an attachment, or by clicking a link and downloading some

Blockchain Technology

Blockchain Technology Financial technology (Fintech) has a long history of innovation, but there have been interesting changes now that Bitcoin has demonstrated the possibility of having a trustworthy system even when dealing with untrusted parties. It has taken Bitcoin quite a few years to earn the level of trust and acceptance it has today, but it serves as an existence proof that this level of trust is both technical and socially possible. This is what the altcoins and other blockchain technologies are banking on. They want to be viewed as being secure and trustworthy just because they share some things in common with Bitcoin, such as a distributed ledger. Filecoin allegedly raised over $257 million despite the fact that Storj, Sia and MaidSafe already had working products for distributed data storage on a blockchain. It’s unclear why investors chose Filecoin. Perhaps they feel that there needs to be big money behind a technology so it can be promoted and become the dominant so

The Launch of SCYTHE and CROSSBOW

The Launch of SCYTHE and CROSSBOW When I started  GRIMM , I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry, and the greater business and government communities. Five years later, we have grown into a dynamic and passionate team that strives to make a better, more secure world through the independent research and the services we provide to clients. GRIMM takes deep pride in its dedication to education, innovation, and technical problem-solving. We go to great lengths to arm our entire team with the resources and freedom to tackle the pressing security challenges in an increasingly connected world. Its this pride in the business, spirit of achievement, and dedication to security that has driven our company toward major success. As a result of all our hard work, I’ve announced today that we’ve officially launched a new company,  SCYTHE , to roll out,  CROSSBOW , a first-of-its-kind security assessment, and validation platform. To ad