
IT Security, Compliance and Best Practices

A week of firsts in Vegas: Surviving B-Sides

August 10th, 2010 by aearl

“Good Time” (verb) 1. have a good time – enjoy oneself greatly; “We had a ball at the party and didn’t come home until 2 AM”

By this definition, I unquestionably had a good time at B-Sides Las Vegas. New to the world of marketing, I have experienced many firsts in the past few months and this week was no exception. With my marketing label and warning of the “highly critical” security gurus that awaited me, I arrived at my first security conference. Surprisingly, an immediate warm welcome was given. An invitation to dinner was extended by a member of the BSides team and I accepted, thankful I wouldn’t be spending the night alone in my hotel room. Little did I know that dinner (in Vegas) also includes dancing and cocktails, and always goes into the “wee hours.” That first night set a trend of making friends and having fun while immersed in a learning experience with cutting-edge security peeps.

I learned all I could in the 48 hours given, stopping to sleep very little, and two things I learned stand out among the rest. First, I learned how completely relational this group is. There is trust at the core of everything they do and, in spite of their sometimes rebellious reputation, they operate through networking like nothing I’ve ever seen before. Coming in a close second was when I learned to pick a lock. As I sat with tools and lock in hand, searching to feel the levers release, I was constantly encouraged until I successfully picked a ‘number four master lock.’ It isn’t that I am now skilled enough to raid gym lockers and sport the best gear thanks to my new talent, but rather it was the shared and genuine feelings of excitement for my success.

Many firsts have been thrilling, and most were enjoyable, but none can compare to the fantastic time at B-Sides Las Vegas. The experience has shaped my approach to future events and provided a filter for me to look through when viewing things in the security world. My arrival in Portland was bittersweet, happy to be home but instantly wanting to see all my new-old friends.

Angela Earl is a Marketing Programs Specialist at Tripwire. You can learn more by visiting her LinkedIn profile and be sure to follow her on Twitter @J_ai_Ho.


An Exciting Day! Leaving Tripwire To Begin My Next Chapter In Life

July 27th, 2010 by Gene Kim


The evening of July 20 was both joyous and bittersweet. Why? It was joyous because I spent the evening with so many Tripwire colleagues that I’ve loved working with, who were all congratulating me and wishing me well. It was bittersweet because this was my farewell party at Tripwire: thirteen years after I founded Tripwire, I was leaving the company to start the next chapter in my life.

I had announced my plans to the company on July 1. I’ll be posting this letter tomorrow.

I am very proud of my contributions to the company. Looking back, I’ve achieved almost everything I set out to achieve at Tripwire.  Eighteen years ago, I wrote the original version of Tripwire in 1992 with Dr. Gene Spafford. Now, it is a company that has thousands of customers, booked over $80MM in 2009, and continues to be used as part of information security, compliance and IT operations programs worldwide.  And as widely reported, the company completed its S-1 filing in May.

I am very grateful to Jim Johnson, the Tripwire CEO, for making something that was so difficult (for me) so easy. He is a genuinely great guy with unquestionable integrity. The company’s future has never been this bright, and I am deeply grateful to everyone who has helped make that happen, including our customers and investors.

For me, the time was right to take some time off to spend with my family and resume work in an area of passion: to complete the study and enable the replication of what makes high performing IT organizations tick.

As many of you know, since 2000, I’ve been studying a group of IT organizations that simultaneously achieve the best IT service levels, the best posture of compliance, the best integration of information security into the software development lifecycle, and also have the highest release rates and project due date performance.

How these organizations made their “good to great” transformation is what my colleagues and I captured in the Visible Ops and Visible Ops Security Handbooks, and why we created a non-profit research organization, which benchmarked over 1500 IT organizations to conclude which practices led to improved performance.

Along with some trusted collaborators and fellow travelers, I believe that the conditions are now very favorable to propose some new solutions, dramatically different than the status quo.

In addition to spending half-time with my family, here are the three things that I intend to complete in the next two years:

Project #1: Finish My Book: “When IT Fails: The Novel”

Finish the novel “When IT Fails: The Novel.” The novel describes the fall and eventual triumph of the CEO and VP IT Operations of a 100-year-old, $4B/year company at the brink of existential failure.

The CEO must close the gap with the competition.  But the two most critical projects necessary to achieve this are years late and way over budget, mostly because of IT. Furthermore, the company is losing customers due to outages and fragile and insecure IT infrastructure, SOX-404 IT audit findings are jeopardizing their 10-K with disastrous footnotes, PCI compliance failures threaten to damage the company brand, and developers are taking dangerous shortcuts in order to meet external promises.

It starts to dawn on the CEO that his survival now depends upon the success of IT and information security. And while he believes that IT is not their core competency, he learns that the company cannot function without it, and is therefore a competency that they must develop.

You can learn more about the book here.

Project #2: Start An Exciting New Venture

During my thirteen years at Tripwire, I was very focused on the mechanics of how organizations can detect and manage configurations and changes.  But in reality, the problem actually starts far upstream, in how the business and IT organizations made decisions that necessitated those changes.

I am starting a new venture to develop the methods, procedures and enabling software tools needed to support the transformations described in “When IT Fails: The Novel.”

I am very excited to be working with some very talented and trusted colleagues, so stay tuned for more details.

Project #3: Continue Engaging With Kick-Ass Communities Of Practice

Work with the communities that I believe will be an instrumental part of creating the management movement to change how IT is managed. These include: DevOps, PCI Security Standards Council, Service Management, the Institute of Internal Auditors, the Software Engineering Institute, and I know I’ve forgotten to mention some others!

I’ve had tremendously productive collaborations with these groups, as well as forming lasting friendships.  And I believe bigger and better achievements are still to come.

So Stay Tuned!

Thank you again for all your support, and I look forward to collaborating with you in this new chapter of my new story. If you want information on my progress, follow me on Twitter or subscribe to my newsletter.

Later this week, I’ll post my internal email announcement of my departure to the company, as well as pictures from the amazing farewell party that they threw for me.

 


Vegas Baby! The B-Side

July 27th, 2010 by Matt Hixson

We are pumped to be at B-Sides Las Vegas!

This week a group of us are hanging out at B-Sides in Las Vegas.   We are very excited about the event after we were first exposed to the B-Sides movement in San Francisco this year during RSA.  We have had the good fortune of getting to know many of the people that put on this event and the many dedicated folks that make this a success.

Tripwire had the opportunity to participate and help continue the discussion of security, so we jumped on it.  It is a two-day event in Las Vegas as the b-side to Defcon.

Most conferences take place in some stuffy hotel convention center, but not this event! They are doing it up right by having it in a mansion in Vegas.

You can check out all of the details of the event on the B-Sides Las Vegas page but there are a few highlights that Tripwire is able to be a part of during the week.

Gene Kim is speaking @ noon on Wednesday

Gene and I started talking to lots of folks during Interop Las Vegas this year about their passions and one of the items that came up consistently was that a ton of these security folks were frustrated at the behaviors that compliance standards like PCI were creating. They like the intention but they hate the fact that people see this as a solution as opposed to a robust security solution. Gene has seen this type of issue before when dealing with SOX. Gene has been doing lots of work with the PCI Council, so his talk is called Mobilizing the PCI Resistance: Lessons Learned From Fighting Prior Wars (SOX-404). From talking to people, this is one of the more anticipated talks and Gene always entertains.

Social Media Geekiness + Participation = iPad

This is the part you need to tune into. We decided to give away an iPad for something fun. Really this week for us is about taking in some great discussions and building relationships. Since we are social media geeks for the most part and we want to support the B-Sides movement we created this little contest. It is very simple. The person who tweets the most using the #BsidesLV hash between 6 am Wednesday July 28th through 6pm on Thursday July 29th wins an iPad. It will be at the party for you Thursday night or we will get it to you if you can’t be there. You also get credit if you are retweeted. So the formula for success is to be the person with the most tweets + retweets of #BsidesLV.

PARTY!

There will be a great party on Thursday night.  We will take some pictures from that event and post them (the appropriate ones at least!)  to our Flickr page with a blog post.  Angela Earl on our team is awesome and she has spent some considerable time thinking of some cool ways we could help the B-Sides experience.  One of the things she came up with was this awesome beach towel, after all, there is a pool and this is a pool party.

We will be blogging and tweeting from the event.  You can follow #BsidesLV on Twitter.  The B-Sides movement has been growing quite a bit over the past and this event is lining up to be the biggest yet.  It should be a great week so watch here and over at @TripwireInc for all the updates.  I will send out the video link so that if you are not able to attend you can watch all the happenings from your desk while you act like you are working intensely.

On a final thought, I just wanted to say that I am excited about the next couple of days because the people that I have met to this point that are participants in this are just good people who are a fun bunch to be around. I expect a great week to follow.

Matt


Stuxnet Worm Affecting Control Systems

July 23rd, 2010 by ~Previous Contributers

Post written by Kent Dahlgren

A recently discovered worm called Stuxnet is affecting industrial control systems worldwide, with over half of the infections occurring in the United States. The worm exploits a zero-day vulnerability present in unpatched Windows software, and is targeting supervisory control and data acquisition (SCADA) systems. These systems are used to operate power plants and gas and oil refineries, and the worm is using the default password in order to either (1) steal very critical information on how these plants run, or (2) access the control system to do major damage. It’s spreading fast and furious in Siemens SCADA systems and users are panicking.

How could Tripwire solutions have helped?

Tripwire Enterprise offers some native Windows agents, which could have been configured to detect changes to specifically-defined files. Even if they didn’t allow installation of an agent on a Windows machine, we’d still be able to easily configure a new node type, which could remotely log in and check files.

Similarly, Tripwire Log Center can collect and evaluate the events from a Windows machine.  A correlation rule could be written that detects the unique behavior of the worm. Also, Tripwire Log Center would pick up on the worm’s unique behavior from other network devices (firewalls, etc).

Utilizing both products combined would give you additional correlation capabilities to add context to your changes and logs, providing the visibility into your IT infrastructure, including SCADA systems, intelligence to bubble up events of interest, and the automation to alert and remediate changes that could take you out of a secure state.
