Beave’s Blog

I’ve been involved in computer security since before it was an industry. I started “hacking” in mid 1980’s and I haven’t stop. I’ve written books, white papers and given talks at conferences like Defcon, HOPE, CCC and Suricon. I’ve been programming for 30 years (Perl, C, PHP, etc).

I am the CTO at Quadrant Information Security (https://quadrantsec.com) which is an awesome place to work. I’m the primary developer of the Sagan Log Analysis Engine and Meer. Thoughts, ideas and opinions expressed in this blog are my own.

Linux junkie since the early 90s. Unix enthusiast before that. OpenVMS administrator. Occasional “software defined” radio hacker.

I like do things. Many of them involve computers. IRL - I travel as much as possible around the world with my family. I play Bass. I play Guitar. I play Drums.

• 1. Readthedocs.org as a blog [2018/12/10]
  • 1.1. Why I’ve never had a blog
  • 1.2. Concepts behind Sphinx/Readthedocs.org
  • 1.3. Building a Sphinx/Readthedocs Blog
• 2. Your “Threat Intel” is over rated.
  • 2.1. What is “Threat Intel”
  • 2.2. Okay, It isn’t useless
  • 2.3. Attackers know about “Threat Intel”
  • 2.4. So when is Threat Intel useful?
  • 2.5. Consider your sources
  • 2.6. WHen to play it forward
  • 2.7. Not your primary path