RSAC 2019 Virtual Pen Testing Slides Available

With RSA completed over two weeks ago, and an ensuing sickness, I realized I haven’t posted about my presentation¬†with Joel Amick. I thoroughly enjoying sharing this work with the RSA audience and had some great conversations afterwards. I think agent-based modeling¬†(ABM) has some interesting use cases in cybersecurity and risk management. I think that in organizations that have data sets about their assets covering control strengths, threats, and losses, there is valid application of ABM to provide some attacker forecasting.

The presentation slides have been posted here. The slides are static and don’t show the video of the model, however the presentation was recorded and the video has been posted on RSAC onDemand for those that attended. When it’s opened to the rest of the world, I will post that.


Presenting on Agent Based Risk Modeling at RSA Conference Next Week

RSA Conference is next week and I’m excited to share that I will be presenting on some work a a colleague and I have done on building an Agent-Based Model (ABM) using FAIR risk data.

This should be an interesting discussion, so please join me next Wednesday at 2:50PM Pacific in Moscone West 2011.

I also served on the program committee this year for the GRC track and I can report that this year’s risk and metrics presentations will be insanely good! You are all in for a treat. If you will be in SF next week for the conference, be sure and look me up.