Profile

Cover photo
Phil Hagen
Works at RedCanary
361 followers|72,174 views
AboutPostsPhotosYouTube+1'sReviews

Stream

Phil Hagen

Shared publicly  - 
 
One hallmark for many malware events is the regular periodic behavior they present when rallying for and checking in with their command and control servers.  The check-in interval can be a very useful metadata point in hunting an adversary.  However, the…
1
Add a comment...

Phil Hagen

Shared publicly  - 
 
The SANS 20 Critical Security Controls are widely viewed as the “Gold Standard” framework for building and evaluating an organization’s security program.  In this article, we will look at several of these controls and how Red Canary helps our clients…
The SANS 20 Critical Security Controls are the "gold standard" for improving your information security posture. Red Canary directly supports eight of them.
1
Add a comment...

Phil Hagen

Shared publicly  - 
1
Add a comment...

Phil Hagen

Shared publicly  - 
 
Presentation video and slides from last week's Security Weekly show, where I talked about Logstash in forensic investigations.
4
Add a comment...

Phil Hagen

Shared publicly  - 
 
I assume this is +Cory Altheide's cat. There is no acceptable alternate explanation.
https://www.youtube.com/watch?v=Mx1sN15C5rs
2
1
Ryan Rathbun's profile photo
Add a comment...

Phil Hagen

Shared publicly  - 
 
GNFA certification is now online - join me at a +SANS Digital Forensics  #FOR572  event sometime soon!
 
GIAC Network Forensic Analyst (GNFA) Certification now available! #FOR572 Get Certified! http://ow.ly/DLgIO
View original post
1
Add a comment...
Have him in circles
361 people
Alexander Schosser's profile photo
Katy O'Connell's profile photo
Alexander Volotkovich's profile photo
amin hussain's profile photo
Derek Banks's profile photo
Mark Morgan's profile photo
Bethan Bell's profile photo
Mustafa Qasim's profile photo
Kelcey Tietjen's profile photo

Phil Hagen

Shared publicly  - 
 
“Prevention of bad things” is not an idea unique to the information security world – and not even a new one for us.  For decades, the information security market has been dominated by so-called prevention solutions.  These often promise immunity from…
1
Add a comment...

Phil Hagen

Shared publicly  - 
 
Medical Records are an Attractive Data Theft Target - why are they so lucrative? http://wp.me/p4CBGQ-mh

While news about data breaches is growing disturbingly common, coverage is often focused on financial data – especially credit cards.  An event with direct impact to a large group of victims makes for a popular news topic, of course.  However, another…
1
Add a comment...

Phil Hagen

Shared publicly  - 
 
2015 DFIR Monterey Network Forensic Challenge Winner and Results Announced: http://for572.com/y4-so

Thanks to everyone that submitted or just played along with the SANS DFIR Network Forensic Challenge!  We had over 3,000 evidence downloads, and more than 500 submissions!  Per the rules, the winner must have answered four of the six questions correctly. …
1
1
SANS Digital Forensics's profile photo
Add a comment...

Phil Hagen

Shared publicly  - 
 
Perhaps this was inevitable – it appears the attackers behind the Sony breach are using stolen code signing keys to sign the latest variants of the “Destover” malware. This results in a binary that is signed and “trusted” to execute – often without…
1
Add a comment...

Phil Hagen

Shared publicly  - 
 
If you are not collecting a ridiculous amount of evidence from your environment BEFORE a breach has been identified/suspected, how can you possibly expect to scope and remediate when that time inevitably comes?
 
'Security leaders need to become "obsessed" about knowing their network better than the cyber-attacker, he suggests. "I've seen examples where an attacker comes in and knows where the sensitive data is better than the defenders. To me that's insane."'
On average, organizations take 229 days to detect a data breach, research shows. Experts offer insights on the key steps to take to speed up the detection of
2 comments on original post
1
1
Robert Hansen's profile photo
Add a comment...

Phil Hagen

Shared publicly  - 
 
Had a great opportunity to be featured in the "How I Work" series at +Technical.ly Delaware.  Got to throw out lots of love for +SANS Digital Forensics, +Red Canary, and +Beach Desks.
1
Add a comment...
People
Have him in circles
361 people
Alexander Schosser's profile photo
Katy O'Connell's profile photo
Alexander Volotkovich's profile photo
amin hussain's profile photo
Derek Banks's profile photo
Mark Morgan's profile photo
Bethan Bell's profile photo
Mustafa Qasim's profile photo
Kelcey Tietjen's profile photo
Basic Information
Gender
Male
Relationship
Married
Apps with Google+ Sign-in
Work
Occupation
Addressing IT strategy and security needs of small and medium businesses and nonprofit organizations. Computer forensic support to law enforcement and corporate clients.
Employment
  • RedCanary
    Chief Executive Officer, 2014 - present
    Oversees the development and growth of the Red Canary managed threat detection service. Ensures that the services is ready to address the threats that our clients face now and into the future.
  • identityVector Solutions, LLC
    Partner, 2000 - present
  • Lewes Technology Consulting
    Consultant, 2010 - 2014
  • Mantech International
    Executive Director of Computer Forensics, 2003 - 2010
  • US Air Force
    Communications Officer, 1998 - 2003
Phil Hagen's +1's are the things they like, agree with, or want to recommend.
Cooks.com - Recipes - Rump Roast Rosemary
www.cooks.com

Appetizers | Beverages. Breads | Cakes. Candies | Casseroles. Cookies | Desserts. Eggs | Fish | Holidays. International | Italian. Main Dish

Building Happiness in Delaware | Extreme Makeover: Home Edition
schellbrothers.com

Schell Brothers welcomes Extreme Makeover: Home Edition to Delaware! Our team at Schell Brothers is proud to be selected as the builder for

SQL Ginsu - Phil Hagen's Scratch Pad
stuffphilwrites.com

SQL Ginsu. by Phil on Jul.21, 2011, under Uncategorized. This year, I was selected as a “SANS @Night” presenter at SANSFIRE 2011, in Washing

We've been extremely happy Shell homeowners for over three years. From the first moment we stepped into the model home, through the build process, settlement, and as homeowners, the service and team is truly top notch. We were not local during the build, and felt more connected to the process than when we lived 1/4mi from the previous home we built before moving to Delaware. After living here, the quality really shows through. Whether in energy efficiency (our HERS is 53), and awesome design, or just plain livability, the thought that goes into each home is clear. The only thing better than living at the beach is living here in a Schell Brothers home. We can't recommend Schell Brothers enough. You might consider alternatives, but there's simply no competition.
• • •
Public - a year ago
reviewed a year ago
1 review
Map
Map
Map