As many of you already know, I’ve accepted a security analyst position at the University of Lethbridge in Alberta, Canada starting in August. I fully expect to hear “You left Bermuda for Lethbridge???” about a million times between now and probably well into 2010. It was, however, a very strategic move for my career and my family life so I have absolutely no regrets about coming to Bermuda and leaving at this time.

So what does this mean? Well my day-to-day job will fall into the following 3 categories:

• Threat and vulnerability identification, classification, and analysis, including on-going research into emerging threats. Activities include system security assessments, vulnerability scanning, and security consulting.
• Design, development, implementation, and management of technical security processes and systems to effectively mitigate identified risks (eg. IDS/IPS, log correlation/SIEM, 2-factor authentication, full-disk encryption, etc.)
• Investigation, response, reporting, and tracking of security incidents, including all associated digital forensics activities.

That being said, I have a feeling that the 3 categories will probably expand to other duties as time goes on and other challenges present themselves.

I’ll probably also see everyone at conferences with greater frequency…hopefully as a presenter. The University sounds very supportive of my presentation/paper goals which is something I am quite happy about. They are also big supporters of training and education, for obvious reasons, and this should equate to more training opportunities. I also hope to blog more frequently and work on more personal projects (perhaps another book or two…maybe even a podcast). Only time will tell.

So wish me luck…it’s a big move back to Canada but I’m looking forward to it!

The Internet is all a flutter today with the news that Third Brigade, an Ottawa based network antivirus and Internet content security software and services company, has quietly been acquired by Japan based Trend Micro Inc. The Trend press release states that they are buying the business to “accelerate its dynamic data center security strategy, and to provide customers with access to critical security and compliance software and vulnerability response services.”

Since 2007, Third Brigade has licensed its technology to Trend Micro as part of their OEM relationship, resulting in products such as the Intrusion Defense Firewall (IDF) plug-in for OfficeScan™. This relationship inevitably paved the way for the Trend Micro acquisition. Trend Micro has plans to grow the Third Brigade business within its own data center security business.

This marks an interesting turn for Third Brigade who, in June 2008, was on the other side of the acquisition table when they picked up the OSSEC project. What does this purchase mean for users of the Open Source OSSEC HIDS? According to the press release on the OSSEC website they don’t anticipate there will be any impact on OSSEC users from this acquisition. The release states “like Third Brigade, Trend will help create broader awareness and further ensure the success of this thriving open source community through ongoing dedicated resources and extended support necessary for larger enterprise deployments.”

The Trend Micro Press release can be found here: http://trendmicro.mediaroom.com/index.php?s=43&item=714
The Third Brigade press release can be found here: http://www.thirdbrigade.com/WorkArea/linkit.aspx?LinkIdentifier=id&ItemID=948
The OSSEC press release can be found here: http://www.ossec.net/main/trend-micro-to-acquire-third-brigade

If you’ve not heard of Mykonos before, expect to hear more about them in the future. They launched their corporate website this week during the 2009 RSA Conference and showed off their security-oriented AJAX development platform/framework. At the Mykonos booth, the staff was happy to show off a slick MSN Instant Messaging application that was written within 72 hours using their framework. The application provided end-to-end encryption and served to demonstrate how powerful the framework was.

The Mykonos development framework boasts immunity to cross-site scripting, cross-site request forgery and session hijacking, click-jacking, phishing, and brute force attacks. This is both a powerful and dangerous statement that will force the framework to be put through its paces – obviously by a developer and not a lowly security guy like myself.

For more information on Mykonos, please visit their website at http://www.mykonossoftware.com.